Update java/ql/src/Security/CWE/CWE-079/XSS.java

atorralba · web-flow · commit ac46a38b9d80 · 2022-09-13T16:49:20.000+02:00
diff --git a/java/ql/src/Security/CWE/CWE-079/XSS.java b/java/ql/src/Security/CWE/CWE-079/XSS.java
@@ -3,7 +3,7 @@ protected void doGet(HttpServletRequest request, HttpServletResponse response)
 	throws ServletException, IOException {
 		// BAD: a request parameter is written directly to the Servlet response stream
 		response.getWriter().print(
-				"The page \"" + request.getParameter("page") + "\" was not found."); // $xss
+				"The page \"" + request.getParameter("page") + "\" was not found.");
 
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -3,7 +3,7 @@ protected void doGet(HttpServletRequest request, HttpServletResponse response)`
`3`	`3`	`throws ServletException, IOException {`
`4`	`4`	`// BAD: a request parameter is written directly to the Servlet response stream`
`5`	`5`	`response.getWriter().print(`
`6`		`- "The page \"" + request.getParameter("page") + "\" was not found."); // $xss`
	`6`	`+ "The page \"" + request.getParameter("page") + "\" was not found.");`
`7`	`7`
`8`	`8`	`}`
`9`	`9`	`}`