Description
I have been looking at GitHub's code scanning. It has found some things in the wonder code that might be a problem.
I know. I was shocked also. :--)
Anyway, if anyone is interested, they are viewable under the Security tab in my fork. See https://github.com/rkiddy/wonder
If you cannot see the Security tab, let me know and I can send you whatever info you want.
Here are the counts of what was found:
1 Arbitrary file write during archive extraction ("Zip Slip")
8 Building a command line with string concatenation
1 Client-side URL redirect
2 Client-side cross-site scripting
3 DOM text reinterpreted as HTML
4 Failure to use HTTPS or SFTP URL in Maven artifact upload/download
17 Implicit narrowing conversion in compound assignment
1 Incomplete URL scheme check
2 Incomplete URL substring sanitization
9 Incomplete multi-character sanitization
21 Incomplete string escaping or encoding
2 Inefficient regular expression
2 Prototype pollution in utility function
3 Query built without neutralizing special characters
7 Resolving XML external entity in user-controlled data
18 Result of multiplication cast to wider type
1 Uncontrolled data used in path expression
4 Unsafe expansion of self-closing HTML tag
1 Unsafe jQuery plugin
11 Useless regular-expression character escape