Python: Add change-note

RasmusWL · RasmusWL · commit 49d510018d2c · 2023-08-29T11:11:32.000+02:00
diff --git a/python/ql/src/change-notes/2023-08-29-fixed-jsonify-xss-fp.md b/python/ql/src/change-notes/2023-08-29-fixed-jsonify-xss-fp.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Improved _Reflected server-side cross-site scripting_ (`py/reflective-xss`) query to not alert on data passed to `flask.jsonify`. Since these HTTP responses are returned with mime-type `application/json`, they do not pose a security risk for XSS.

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: minorAnalysis
 +---
 +* Improved _Reflected server-side cross-site scripting_ (`py/reflective-xss`) query to not alert on data passed to `flask.jsonify`. Since these HTTP responses are returned with mime-type `application/json`, they do not pose a security risk for XSS.