hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 09:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e2cec582be9f632b7df2fcd5a9dc0f5bfd0b8208
codeql/java/ql
History
lcartey@github.com e2cec582be Java: XSS - ignore Spring sinks when content-type is safe. 
Methods annotated with a produces field which indicates a safe
content-type should not be considered XSS sinks. For example:

@RequestMapping(..., produces = "application/json")
2020-06-16 09:50:35 +01:00
..
examples
Java Cookbook: Slight improvement to the IntegerLiteral pattern.
2019-08-05 11:03:30 +02:00
src
Java: XSS - ignore Spring sinks when content-type is safe.
2020-06-16 09:50:35 +01:00
test
Merge pull request #3491 from luchua-bc/java-insecure-smtp-ssl
2020-06-10 11:02:50 +02:00