PixeeSandbox / juice-shop2

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
https://owasp-juice.shop
MIT License

✨ (CodeQL) Sanitize URL Host with Allowlist #4

Closed pixeebot[bot] closed 4 months ago

pixeebot[bot] commented 5 months ago

✨✨✨

Remediation

This change fixes findings identified by CodeQL.

Details

Replace the URL substring check with a robust check against allowed hosts.

Codemod ID: codeql:javascript/url-substring-sanitization
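The kind of change this pull request describes, shown as an added example (not code from the pull request, Pixeebot, or Juice Shop): a substring test beside a parsed-host allowlist check, run over the same inputs. The host names, sample URLs, function names and the HTTPS-only rule are assumptions constructed for illustration.

```javascript
// Added example. Hosts and URLs are constructed; nothing here is project code.
const ALLOWED_HOSTS = new Set(['shop.example.com', 'pay.example.com'])

// Weak form: the pattern the CodeQL query flags. A substring match says
// nothing about which component of the URL contains the trusted name.
function isAllowedBySubstring (url) {
  return url.includes('shop.example.com')
}

// Hardened form: parse first, then compare the exact host to an allowlist.
function isAllowedByHost (url) {
  let parsed
  try {
    parsed = new URL(url)
  } catch {
    return false // relative or malformed input is rejected, not guessed at
  }
  // Assumption for this example: only HTTPS targets without userinfo are valid.
  if (parsed.protocol !== 'https:') return false
  if (parsed.username || parsed.password) return false
  // hostname is lowercased by the parser and excludes the port.
  return ALLOWED_HOSTS.has(parsed.hostname)
}

// Constructed inputs covering each URL component the trusted name can land in.
const samples = [
  'https://shop.example.com/orders',            // exact host
  'https://shop.example.com.other.test/orders', // trusted name as leading labels
  'https://other.test/?next=shop.example.com',  // trusted name in the query
  'https://shop.example.com@other.test/',       // trusted name in userinfo
  'https://SHOP.example.com:443/',              // same host, different spelling
  'not a url'
]

// Returns one row per input with the verdict of each check.
function classify (urls) {
  return urls.map(u => ({
    url: u,
    substring: isAllowedBySubstring(u),
    host: isAllowedByHost(u)
  }))
}

console.table(classify(samples))
```

The two checks disagree in both directions: the substring test accepts three URLs whose host is not on the list and rejects a legitimate one that differs only in letter case.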

pixeebot[bot] commented 5 months ago

I'm confident in this change, but I'm not a maintainer of this project. Do you see any reason not to merge it?

If this change was not helpful, or you have suggestions for improvements, please let me know!

pixeebot[bot] commented 5 months ago

Just a friendly ping to remind you about this change. If there are concerns about it, we'd love to hear about them!

pixeebot[bot] commented 4 months ago

This change may not be a priority right now, so I'll close it. If there was something I could have done better, please let me know!

You can also customize me to make sure I'm working with you in the way you want.