You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thank you for this false positive report. Resolving this issue is not a current product priority, but we acknowledge the report and will track it internally for future consideration, or if we observe repeated instances of the same problem.
Description of the false positive
A simple, valid e-mail address inside an e-mail message triggers https://codeql.github.com/codeql-query-help/go/go-email-injection/
The rule also triggers on valid html, although the security model in
html/template
should make it safe.Code samples
Another example where
html/template
takes care of escaping the html content.The text was updated successfully, but these errors were encountered: