5 files changed +6 -0 lines changed
main/java/com/microsoft/aad/msal4j
msal-b2c-web-sample/src/main/java/com/microsoft/azure/msalwebsample
msal-obo-sample/src/main/java/com/microsoft/azure/msalobosample
msal-web-sample/src/main/java/com/microsoft/azure/msalwebsample
@@ -163,6 +163,7 @@ private static void openDefaultSystemBrowserInWindows(URL url){
163163 private static void openDefaultSystemBrowserInMac (URL url ){
164164 Runtime runtime = Runtime .getRuntime ();
165165 try {
166+ // CodeQL [SM00680] False positive: this URL is validated earlier in the interactive flow
166167 runtime .exec ("open " + url );
167168 } catch (IOException e ) {
168169 throw new RuntimeException (e );
@@ -182,6 +183,7 @@ private static void openDefaultSystemBrowserInLinux(URL url){
182183 if (openToolPath != null ) {
183184 Runtime runtime = Runtime .getRuntime ();
184185 try {
186+ // CodeQL [SM00680] False positive: this URL is validated earlier in the interactive flow
185187 runtime .exec (openTool + " " + url );
186188 } catch (IOException e ) {
187189 throw new RuntimeException (e );
2929 */
3030class DefaultHttpClientManagedIdentity extends DefaultHttpClient {
3131
32+ // CodeQL [SM03767] False positive: in addTrustedCertificateThumbprint() we create a TrustManager that only trusts a certificate with specified thumbprint.
3233 public static final HostnameVerifier ALL_HOSTS_ACCEPT_HOSTNAME_VERIFIER ;
3334
3435 static {
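Review bot: The justification on `ALL_HOSTS_ACCEPT_HOSTNAME_VERIFIER` holds only while the verifier is paired with the thumbprint-pinning TrustManager from `addTrustedCertificateThumbprint()`, and nothing in the visible lines enforces that pairing because the field is `public static final`. If no other class needs it, narrowing it to `private static final HostnameVerifier ALL_HOSTS_ACCEPT_HOSTNAME_VERIFIER;` would keep a verifier that, going by its name, accepts any host from being reused with a default trust store. The comment could also state the constraint directly, e.g. `// Must only be used together with the thumbprint-pinned TrustManager.` The static initializer that assigns the field continues outside the hunk.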
@@ -32,6 +32,7 @@ static void removeStateNonceCookies(HttpServletResponse httpResponse){
3232 Cookie stateCookie = new Cookie (MSAL_WEB_APP_STATE_COOKIE , "" );
3333 stateCookie .setMaxAge (0 );
3434
35+ // CodeQL [java/insecure-cookie]: Suppressing CodeQL warning since this is just a sample
3536 httpResponse .addCookie (stateCookie );
3637
3738 Cookie nonceCookie = new Cookie (MSAL_WEB_APP_NONCE_COOKIE , "" );
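Review bot: "This is just a sample" does not say why the flagged `httpResponse.addCookie(stateCookie)` is safe, and sample code is routinely copied into production applications. What the hunk shows is a deletion cookie (empty value, `setMaxAge(0)`), so the comment could record that instead: `// CodeQL [java/insecure-cookie]: cookie is empty and expires immediately; no value is transmitted`. Alternatively, `stateCookie.setSecure(true);` before the `addCookie` call would address the finding without a suppression, provided the sample is served over HTTPS. The same applies to the identical hunk in the other web sample's `removeStateNonceCookies`, and presumably to `nonceCookie`, whose `addCookie` call lies outside the hunk.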
@@ -25,6 +25,7 @@ public String graphMeApi() throws MalformedURLException {
2525
2626 String oboAccessToken = msalAuthHelper .getOboToken ("https://graph.microsoft.com/.default" );
2727
28+ // CodeQL [java/xss]: Suppressing CodeQL warning since this is just a sample
2829 return callMicrosoftGraphMeEndpoint (oboAccessToken );
2930 }
3031
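Review bot: The suppression above `return callMicrosoftGraphMeEndpoint(oboAccessToken);` gives "just a sample" as its reason, which does not explain why returning the downstream response body unmodified is safe. If the endpoint is meant to return JSON, declaring that content type on the handler (its mapping annotation is outside the hunk) would stop browsers from rendering the body as HTML and would address the java/xss finding rather than hide it. At minimum the comment should record the actual reasoning, for example `// CodeQL [java/xss]: body is the JSON returned by Microsoft Graph and is served as application/json`, if that is in fact the case.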
@@ -32,6 +32,7 @@ static void removeStateNonceCookies(HttpServletResponse httpResponse){
3232 Cookie stateCookie = new Cookie (MSAL_WEB_APP_STATE_COOKIE , "" );
3333 stateCookie .setMaxAge (0 );
3434
35+ // CodeQL [java/insecure-cookie]: Suppressing CodeQL warning since this is just a sample
3536 httpResponse .addCookie (stateCookie );
3637
3738 Cookie nonceCookie = new Cookie (MSAL_WEB_APP_NONCE_COOKIE , "" );