hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Mark AngularJS $location as client-side remote flow source

Browse Source
This commit is contained in:
Asger F
2025-05-27 09:47:43 +02:00
parent 860b3d76a8
commit 076e4a49d5
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
javascript/ql/lib/semmle/javascript/frameworks/AngularJS/AngularJSCore.qll
View File

@@ -550,20 +550,25 @@ class DirectiveTargetName extends string {
*
* See https://docs.angularjs.org/api/ng/service/$location for details.
*/
private class LocationFlowSource extends RemoteFlowSource instanceof DataFlow::MethodCallNode {
private class LocationFlowSource extends ClientSideRemoteFlowSource instanceof DataFlow::MethodCallNode
{
private ClientSideRemoteFlowKind kind;
LocationFlowSource() {
exists(ServiceReference service, string m, int n |
service.getName() = "$location" and
this = service.getAMethodCall(m) and
n = super.getNumArgument()
|
m = "search" and n < 2
m = "search" and n < 2 and kind.isQuery()
or
m = "hash" and n = 0
m = "hash" and n = 0 and kind.isFragment()
)
}
override string getSourceType() { result = "$location" }
override ClientSideRemoteFlowKind getKind() { result = kind }
}
/**