codeql/python/ql/src/change-notes/released/0.8.4.md
2023-09-05 16:56:14 +00:00


0.8.4

Minor Analysis Improvements

  • Improved the Reflected server-side cross-site scripting (py/reflective-xss) query so that it no longer alerts on data passed to flask.jsonify. Because these HTTP responses are returned with the MIME type application/json, they do not pose an XSS risk.
  • Updated path explanations for @kind path-problem queries to always include the left-hand side of assignments, making paths easier to understand.
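
The distinction drawn in the first item, as an added example (not part of the CodeQL change note or the query's own tests): a minimal Flask app that reflects the same request parameter as HTML, as escaped HTML, and through flask.jsonify. The route names, the `probe` helper and the sample value are hypothetical and constructed for illustration.

```python
from flask import Flask, jsonify, request
from markupsafe import escape

app = Flask(__name__)


@app.route("/html")
def greet_html():
    # User input concatenated into a text/html body without escaping:
    # the pattern py/reflective-xss is meant to report.
    name = request.args.get("name", "")
    return "<p>Hello " + name + "</p>"


@app.route("/html-escaped")
def greet_html_escaped():
    # Same response type, but the value is HTML-escaped before it is reflected.
    name = request.args.get("name", "")
    return "<p>Hello " + str(escape(name)) + "</p>"


@app.route("/json")
def greet_json():
    # Same input passed to flask.jsonify: the response is served as
    # application/json, so the query no longer alerts here.
    name = request.args.get("name", "")
    return jsonify({"greeting": "Hello " + name})


def probe(path, value):
    """Request `path` with ?name=<value>; return (mimetype, body text)."""
    with app.test_client() as client:
        resp = client.get(path, query_string={"name": value})
        return resp.mimetype, resp.get_data(as_text=True)


if __name__ == "__main__":
    sample = "<b>marker</b>"  # constructed, harmless markup used as a tracer
    for route in ("/html", "/html-escaped", "/json"):
        mimetype, body = probe(route, sample)
        print(f"{route:14} {mimetype:18} {body.strip()}")
```

The JSON route still carries the raw value, so a client that later inserts it into the DOM as HTML has to escape it at that point.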