codeql/java/change-notes/2021-08-03-spring-content-types.md
Chris Smowton 9d31641bb1 Add change note
2021-09-10 16:10:56 +01:00

lgtm,codescanning

  • The XSS query now accounts for more ways to set the content-type of an entity served via a Spring HTTP endpoint. This may flag more cases where an XSS-vulnerable content-type is set, and exclude more cases where a non-vulnerable content-type such as application/json is set.
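
To illustrate why the content-type matters for this query, the following is an added example, not code from the CodeQL repository or from this change note. `GreetingController`, its paths and its method names are hypothetical, and the note does not say which of these constructs the query models; they are simply common ways a Spring endpoint sets the content-type.

```java
import java.util.Collections;
import java.util.Map;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.util.HtmlUtils;

// Hypothetical controller constructed for illustration.
@RestController
public class GreetingController {

    // Content-type fixed by the mapping annotation. The browser renders the
    // body as HTML, so echoing `name` unescaped is reflected XSS.
    @GetMapping(value = "/hello-html", produces = MediaType.TEXT_HTML_VALUE)
    public String helloHtml(@RequestParam("name") String name) {
        return "<p>Hello " + name + "</p>";
    }

    // Same flaw, but the content-type is set on the ResponseEntity builder.
    @GetMapping("/hello-entity")
    public ResponseEntity<String> helloEntity(@RequestParam("name") String name) {
        return ResponseEntity.ok()
                .contentType(MediaType.TEXT_HTML)
                .body("<p>Hello " + name + "</p>");
    }

    // application/json is not rendered as markup by the browser, so the same
    // user-controlled value is not an XSS sink here. The message converter
    // serializes the map, which also keeps the JSON well-formed.
    @GetMapping("/hello-json")
    public ResponseEntity<Map<String, String>> helloJson(@RequestParam("name") String name) {
        return ResponseEntity.ok()
                .contentType(MediaType.APPLICATION_JSON)
                .body(Collections.singletonMap("name", name));
    }

    // Hardened HTML variant: escape the value before embedding it in markup.
    @GetMapping(value = "/hello-safe", produces = MediaType.TEXT_HTML_VALUE)
    public String helloSafe(@RequestParam("name") String name) {
        return "<p>Hello " + HtmlUtils.htmlEscape(name) + "</p>";
    }
}
```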