whitespace-sanitize user-provided query string value

NASA-PDS / registry-api

Web API service for the PDS Registry, providing the implementation of the PDS Search API (https://github.com/nasa-pds/pds-api) for the PDS Registry.

https://nasa-pds.github.io/pds-api

Apache License 2.0

2 stars 5 forks source link

whitespace-sanitize user-provided query string value #537

Closed alexdunnjpl closed 2 weeks ago

alexdunnjpl commented 2 weeks ago

🗒️ Summary

Addresses https://github.com/NASA-PDS/registry-api/security/code-scanning/155

@jordanpadams do you want this merged to main immediately, or is it okay to get there via an eventual merge from develop?

⚙️ Test Data and/or Report

n/a

♻️ Related Issues

Fixes #522

jordanpadams commented 2 weeks ago

@alexdunnjpl doesn't matter to me. I think this is a bigger question to be discussed with @tloubrieu-jpl . The only think I request is eventual consistency.