René's URL Explorer Experiment

Title: Add missing string replacement sanitizers to log-injection and string-break by owen-mc · Pull Request #731 · github/codeql-go · GitHub

Open Graph Title: Add missing string replacement sanitizers to log-injection and string-break by owen-mc · Pull Request #731 · github/codeql-go

X Title: Add missing string replacement sanitizers to log-injection and string-break by owen-mc · Pull Request #731 · github/codeql-go

Description: strings.Replacer.Replace and strings.Replacer.WriteString

Open Graph Description: strings.Replacer.Replace and strings.Replacer.WriteString

X Description: strings.Replacer.Replace and strings.Replacer.WriteString

Opengraph URL: https://github.com/github/codeql-go/pull/731

X: @github

direct link

Domain: github.com

route-pattern	/_view_fragments/voltron/pull_requests/show/:user_id/:repository/:id/pull_request_layout(.:format)
route-controller	voltron_pull_requests_fragments
route-action	pull_request_layout
fetch-nonce	v2:9fc87ff5-dcc5-0e33-e12a-50d50b520656
current-catalog-service-hash	ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-id	CB46:320F8E:3AE625:521AE1:696A749E
html-safe-nonce	dcc8c0f84da554ad54c7c812b243845e075d6c85e3214871cafffbecedcf7375
visitor-payload	eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJDQjQ2OjMyMEY4RTozQUU2MjU6NTIxQUUxOjY5NkE3NDlFIiwidmlzaXRvcl9pZCI6IjgyMDA0MjE0NjcwNzM3MDUxMTgiLCJyZWdpb25fZWRnZSI6ImlhZCIsInJlZ2lvbl9yZW5kZXIiOiJpYWQifQ==
visitor-hmac	28a08db151edbec9992cd1926bb51c6019495b0047964e032396ea8b71ea0f0a
hovercard-subject-tag	pull_request:927646058
github-keyboard-shortcuts	repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verification	Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-url	https://collector.github.com/github/collect
analytics-location	///voltron/pull_requests_fragments/pull_request_layout
fb:app_id	1401488693436528
apple-itunes-app	app-id=1477376905, app-argument=https://github.com/_view_fragments/voltron/pull_requests/show/github/codeql-go/731/pull_request_layout
twitter:image	https://opengraph.githubassets.com/94aae6b601bb377e17e321b92c264a7bbac63a1e70080f6b083baee466d13a2a/github/codeql-go/pull/731
twitter:card	summary_large_image
og:image	https://opengraph.githubassets.com/94aae6b601bb377e17e321b92c264a7bbac63a1e70080f6b083baee466d13a2a/github/codeql-go/pull/731
og:image:alt	strings.Replacer.Replace and strings.Replacer.WriteString
og:image:width	1200
og:image:height	600
og:site_name	GitHub
og:type	object
og:author:username	owen-mc
hostname	github.com
expected-hostname	github.com
None	cfa223d62d272274e0b68350b4bd7741f3ca7498b8c4b8b1bc1e6deabbdbc09d
turbo-cache-control	no-preview
go-import	github.com/github/codeql-go git https://github.com/github/codeql-go.git
octolytics-dimension-user_id	9919
octolytics-dimension-user_login	github
octolytics-dimension-repository_id	218150891
octolytics-dimension-repository_nwo	github/codeql-go
octolytics-dimension-repository_public	true
octolytics-dimension-repository_is_fork	false
octolytics-dimension-repository_network_root_id	218150891
octolytics-dimension-repository_network_root_nwo	github/codeql-go
turbo-body-classes	logged-out env-production page-responsive
disable-turbo	false
browser-stats-url	https://api.github.com/_private/browser/stats
browser-errors-url	https://api.github.com/_private/browser/errors
release	6a0b6893c221f98f607598e939299fdf5763435d
ui-target	full
theme-color	#1e2327
color-scheme	light dark

Links:

Skip to content	https://github.com/github/codeql-go/pull/731#start-of-content
	https://github.com/
Sign in	https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql-go%2Fpull%2F731
GitHub CopilotWrite better code with AI	https://github.com/features/copilot
GitHub SparkBuild and deploy intelligent apps	https://github.com/features/spark
GitHub ModelsManage and compare prompts	https://github.com/features/models
MCP RegistryNewIntegrate external tools	https://github.com/mcp
ActionsAutomate any workflow	https://github.com/features/actions
CodespacesInstant dev environments	https://github.com/features/codespaces
IssuesPlan and track work	https://github.com/features/issues
Code ReviewManage code changes	https://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilities	https://github.com/security/advanced-security
Code securitySecure your code as you build	https://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they start	https://github.com/security/advanced-security/secret-protection
Why GitHub	https://github.com/why-github
Documentation	https://docs.github.com
Blog	https://github.blog
Changelog	https://github.blog/changelog
Marketplace	https://github.com/marketplace
View all features	https://github.com/features
Enterprises	https://github.com/enterprise
Small and medium teams	https://github.com/team
Startups	https://github.com/enterprise/startups
Nonprofits	https://github.com/solutions/industry/nonprofits
App Modernization	https://github.com/solutions/use-case/app-modernization
DevSecOps	https://github.com/solutions/use-case/devsecops
DevOps	https://github.com/solutions/use-case/devops
CI/CD	https://github.com/solutions/use-case/ci-cd
View all use cases	https://github.com/solutions/use-case
Healthcare	https://github.com/solutions/industry/healthcare
Financial services	https://github.com/solutions/industry/financial-services
Manufacturing	https://github.com/solutions/industry/manufacturing
Government	https://github.com/solutions/industry/government
View all industries	https://github.com/solutions/industry
View all solutions	https://github.com/solutions
AI	https://github.com/resources/articles?topic=ai
Software Development	https://github.com/resources/articles?topic=software-development
DevOps	https://github.com/resources/articles?topic=devops
Security	https://github.com/resources/articles?topic=security
View all topics	https://github.com/resources/articles
Customer stories	https://github.com/customer-stories
Events & webinars	https://github.com/resources/events
Ebooks & reports	https://github.com/resources/whitepapers
Business insights	https://github.com/solutions/executive-insights
GitHub Skills	https://skills.github.com
Documentation	https://docs.github.com
Customer support	https://support.github.com
Community forum	https://github.com/orgs/community/discussions
Trust center	https://github.com/trust-center
Partners	https://github.com/partners
GitHub SponsorsFund open source developers	https://github.com/sponsors
Security Lab	https://securitylab.github.com
Maintainer Community	https://maintainers.github.com
Accelerator	https://github.com/accelerator
Archive Program	https://archiveprogram.github.com
Topics	https://github.com/topics
Trending	https://github.com/trending
Collections	https://github.com/collections
Enterprise platformAI-powered developer platform	https://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security features	https://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI features	https://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 support	https://github.com/premium-support
Pricing	https://github.com/pricing
Search syntax tips	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentation	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in	https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql-go%2Fpull%2F731
Sign up	https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fpull_requests_fragments%2Fpull_request_layout&source=header-repo&source_repo=github%2Fcodeql-go
Reload	https://github.com/github/codeql-go/pull/731
Reload	https://github.com/github/codeql-go/pull/731
Reload	https://github.com/github/codeql-go/pull/731
github	https://github.com/github
codeql-go	https://github.com/github/codeql-go
Notifications	https://github.com/login?return_to=%2Fgithub%2Fcodeql-go
Fork 126	https://github.com/login?return_to=%2Fgithub%2Fcodeql-go
Star 464	https://github.com/login?return_to=%2Fgithub%2Fcodeql-go
Code	https://github.com/github/codeql-go
Issues 1	https://github.com/github/codeql-go/issues
Pull requests 6	https://github.com/github/codeql-go/pulls
Actions	https://github.com/github/codeql-go/actions
Projects 0	https://github.com/github/codeql-go/projects
Models	https://github.com/github/codeql-go/models
Security Uh oh! There was an error while loading. Please reload this page.	https://github.com/github/codeql-go/security
Please reload this page	https://github.com/github/codeql-go/pull/731
Insights	https://github.com/github/codeql-go/pulse
Code	https://github.com/github/codeql-go
Issues	https://github.com/github/codeql-go/issues
Pull requests	https://github.com/github/codeql-go/pulls
Actions	https://github.com/github/codeql-go/actions
Projects	https://github.com/github/codeql-go/projects
Models	https://github.com/github/codeql-go/models
Security	https://github.com/github/codeql-go/security
Insights	https://github.com/github/codeql-go/pulse
owen-mc	https://github.com/owen-mc
github:main	https://github.com/github/codeql-go/tree/main
owen-mc:log-injection-sanitizer-newreplacer-replace	https://github.com/owen-mc/codeql-go/tree/log-injection-sanitizer-newreplacer-replace
Add missing string replacement sanitizers to log-injection and string-break	https://github.com/github/codeql-go/pull/731#top
owen-mc	https://github.com/owen-mc
github:main	https://github.com/github/codeql-go/tree/main
owen-mc:log-injection-sanitizer-newreplacer-replace	https://github.com/owen-mc/codeql-go/tree/log-injection-sanitizer-newreplacer-replace
Conversation 7	https://github.com/github/codeql-go/pull/731
Commits 5	https://github.com/github/codeql-go/pull/731/commits
Checks 0	https://github.com/github/codeql-go/pull/731/checks
Files changed	https://github.com/github/codeql-go/pull/731/files
Please reload this page	https://github.com/github/codeql-go/pull/731
	https://github.co/hiddenchars
	https://github.com/github/codeql-go/pull/{{ revealButtonHref }}
	https://github.com/owen-mc
owen-mc	https://github.com/owen-mc
May 4, 2022	https://github.com/github/codeql-go/pull/731#issue-1225396199
Please reload this page	https://github.com/github/codeql-go/pull/731
owen-mc	https://github.com/owen-mc
May 4, 2022 14:25	https://github.com/github/codeql-go/pull/731#commits-pushed-81ccc40
	https://github.com/owen-mc
Make strings.Replacer.Replace a sanitizer for log injection	https://github.com/github/codeql-go/pull/731/commits/81ccc40a941a55aa071194fcca431c6e96d52af5
81ccc40	https://github.com/github/codeql-go/pull/731/commits/81ccc40a941a55aa071194fcca431c6e96d52af5
	https://github.com/owen-mc
Make strings.Replacer.WriteString a sanitizer for log injection	https://github.com/github/codeql-go/pull/731/commits/3ab9bd3f22a62f0ff97172cf0a2309672d6a39b4
3ab9bd3	https://github.com/github/codeql-go/pull/731/commits/3ab9bd3f22a62f0ff97172cf0a2309672d6a39b4
	https://github.com/owen-mc
owen-mc	https://github.com/owen-mc
code owner	https://github.com/github/codeql-go/blob/ee94eb5962336288d5fd204cbb20c873329b795d/CODEOWNERS#L1
May 4, 2022 13:45	https://github.com/github/codeql-go/pull/731#event-6548657347
	https://github.com/owen-mc
owen-mc	https://github.com/owen-mc
May 4, 2022	https://github.com/github/codeql-go/pull/731#ref-issue-1223822385
False positive in go/log-injection github/codeql#9016	https://github.com/github/codeql/issues/9016
	https://github.com/owen-mc
owen-mc	https://github.com/owen-mc
May 4, 2022	https://github.com/github/codeql-go/pull/731#issuecomment-1117343263
Please reload this page	https://github.com/github/codeql-go/pull/731
	https://github.com/owen-mc
owen-mc	https://github.com/owen-mc
May 4, 2022	https://github.com/github/codeql-go/pull/731#issuecomment-1117344882
Please reload this page	https://github.com/github/codeql-go/pull/731
the other place where string replacement is a sanitizer	https://github.com/github/codeql-go/blob/main/ql/lib/semmle/go/security/StringBreakCustomizations.qll#L88
Please reload this page	https://github.com/github/codeql-go/pull/731
owen-mc	https://github.com/owen-mc
May 4, 2022 15:30	https://github.com/github/codeql-go/pull/731#commits-pushed-2a0fdd1
	https://github.com/owen-mc
Add extra replace sanitizers to StringBreak	https://github.com/github/codeql-go/pull/731/commits/2a0fdd1c67f139d2c56032a542e712585945619a
2a0fdd1	https://github.com/github/codeql-go/pull/731/commits/2a0fdd1c67f139d2c56032a542e712585945619a
	https://github.com/owen-mc
Add change note	https://github.com/github/codeql-go/pull/731/commits/926136d3c102ee4ab8aff9ec6e4b63397e3c95df
926136d	https://github.com/github/codeql-go/pull/731/commits/926136d3c102ee4ab8aff9ec6e4b63397e3c95df
	https://github.com/owen-mc
owen-mc	https://github.com/owen-mc
May 4, 2022	https://github.com/github/codeql-go/pull/731#event-6549081676
	https://github.com/smowton
smowton	https://github.com/smowton
May 4, 2022	https://github.com/github/codeql-go/pull/731#pullrequestreview-962486328
View reviewed changes	https://github.com/github/codeql-go/pull/731/files/926136d3c102ee4ab8aff9ec6e4b63397e3c95df
smowton	https://github.com/smowton
	https://github.com/github/codeql-go/pull/731#pullrequestreview-962486328
Learn more	https://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment
Please reload this page	https://github.com/github/codeql-go/pull/731
ql/lib/semmle/go/security/StringBreakCustomizations.qll	https://github.com/github/codeql-go/pull/731/files/926136d3c102ee4ab8aff9ec6e4b63397e3c95df#diff-6214e66016718f6df4e61134ec858749edf57b4325cc612969f4a6ba628f0b68
smowton	https://github.com/smowton
May 4, 2022	https://github.com/github/codeql-go/pull/731#discussion_r865278257
Learn more	https://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment
Please reload this page	https://github.com/github/codeql-go/pull/731
ql/lib/semmle/go/security/StringBreakCustomizations.qll	https://github.com/github/codeql-go/pull/731/files/926136d3c102ee4ab8aff9ec6e4b63397e3c95df#diff-6214e66016718f6df4e61134ec858749edf57b4325cc612969f4a6ba628f0b68
smowton	https://github.com/smowton
May 4, 2022	https://github.com/github/codeql-go/pull/731#discussion_r865287928
Learn more	https://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment
Please reload this page	https://github.com/github/codeql-go/pull/731
	https://github.com/owen-mc
Address review comments	https://github.com/github/codeql-go/pull/731/commits/af3d6b0ca65b0ec914fec94a4f46b71c6e74ac67
af3d6b0	https://github.com/github/codeql-go/pull/731/commits/af3d6b0ca65b0ec914fec94a4f46b71c6e74ac67
	https://github.com/owen-mc
owen-mc	https://github.com/owen-mc
May 5, 2022	https://github.com/github/codeql-go/pull/731#issuecomment-1118205904
@smowton	https://github.com/smowton
Please reload this page	https://github.com/github/codeql-go/pull/731
	https://github.com/smowton
smowton	https://github.com/smowton
May 7, 2022	https://github.com/github/codeql-go/pull/731#issuecomment-1120258695
Please reload this page	https://github.com/github/codeql-go/pull/731
	https://github.com/owen-mc
owen-mc	https://github.com/owen-mc
Jan 17, 2023	https://github.com/github/codeql-go/pull/731#ref-pullrequest-1536467709
Add missing string replacement sanitizers to log-injection and string-break github/codeql#11910	https://github.com/github/codeql/pull/11910
Sign up for free	https://github.com/join?source=comment-repo
Sign in	https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql-go%2Fpull%2F731
	https://github.com/smowton
smowton	https://github.com/smowton
	https://github.com/github/codeql-go/pull/731/files/926136d3c102ee4ab8aff9ec6e4b63397e3c95df
Please reload this page	https://github.com/github/codeql-go/pull/731
	https://github.com/owen-mc
	https://github.com/smowton
	https://github.com
Terms	https://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacy	https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Security	https://github.com/security
Status	https://www.githubstatus.com/
Community	https://github.community/
Docs	https://docs.github.com/
Contact	https://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.