Skip to content
This repository was archived by the owner on Jan 5, 2023. It is now read-only.

Commit bd9100e

Browse files
srt32srt32
authored
Update other file too
1 parent 7adf477 commit bd9100e

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

ql/src/Security/CWE-079/ReflectedXssGood.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ func serve1() {
1111
r.ParseForm()
1212
username := r.Form.Get("username")
1313
if !isValidUsername(username) {
14-
// BAD: a request parameter is incorporated without validation into the response
14+
// GOOD: a request parameter is escaped before being put into the response
1515
fmt.Fprintf(w, "%q is an unknown user", html.EscapeString(username))
1616
} else {
1717
// TODO: do something exciting

0 commit comments

Comments
 (0)