We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent b1251f0 commit 9cf48fcCopy full SHA for 9cf48fc
1 file changed
javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.qhelp
@@ -7,6 +7,7 @@
7
<p>
8
Using a case-sensitive regular expression path in a middleware route enables an attacker to bypass that middleware
9
when accessing an endpoint with a case-insensitive path.
10
+Paths specified using a string are case insensitive, whereas regular expressions are case sensitive by default.
11
</p>
12
</overview>
13
0 commit comments