Fix code scanning alert - Incomplete URL substring sanitization #3291

Taaku18 · 2023-07-10T12:20:18Z

Tracking issues for:

I don't see how these are vulnerabilities. But since CodeQL says so, I'll replace it with a better way.

RealCyGuy · 2023-07-10T17:19:06Z

I don't think it's a vulnerability, but it could cause unexpected behaviour if an image url was https://gyazo.com.example.com/image.png for example.

(cherry picked from commit 2b66710)

Taaku18 added the in progress label Jul 10, 2023

Taaku18 self-assigned this Jul 10, 2023

Taaku18 added staged Staged for next version and removed in progress labels Nov 20, 2023

Taaku18 closed this as completed in 2b66710 Nov 26, 2023

raidensakura pushed a commit to raidensakura/modmail that referenced this issue Apr 10, 2024

Fix modmail-dev#3291: Resolve code scanning alert for URL sanitization

044b85d

khakers pushed a commit to khakers/OpenModmail that referenced this issue Jun 18, 2024

Fix modmail-dev#3291: Resolve code scanning alert for URL sanitization

9d375df

(cherry picked from commit 2b66710)

khakers pushed a commit to khakers/OpenModmail that referenced this issue Jun 18, 2024

Fix modmail-dev#3291: Resolve code scanning alert for URL sanitization

ea37687

(cherry picked from commit 2b66710)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix code scanning alert - Incomplete URL substring sanitization #3291

Fix code scanning alert - Incomplete URL substring sanitization #3291

Taaku18 commented Jul 10, 2023

RealCyGuy commented Jul 10, 2023

Fix code scanning alert - Incomplete URL substring sanitization #3291

Fix code scanning alert - Incomplete URL substring sanitization #3291

Comments

Taaku18 commented Jul 10, 2023

RealCyGuy commented Jul 10, 2023