Merge pull request #5585 from asgerf/js/more-metadata

Approved by esbena
Author: CodeQL CI
Date: 2021-04-01 13:13:01 +01:00
Committed by: GitHub
8 changed files with 8 additions and 0 deletions


@@ -3,6 +3,7 @@
* @description Finds cases where the 'userId' field in a request to another service
* is an arbitrary user-controlled value, indicating lack of authentication.
* @kind path-problem
* @problem.severity error
* @tags security
* @id js/examples/backend-idor
*/
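Review bot: the description says an arbitrary `userId` "indicat[es] lack of authentication", but the id is `js/examples/backend-idor`, and an IDOR is an authorization (access-control) defect: the caller can be fully authenticated and still act on another user's id. Suggest "indicating a missing authorization check" so the description and the id agree. On the added line itself (the `+` markers are not rendered on this page, so I am assuming it is `@problem.severity error`): `error` is the right level for an access-control bypass, but none of these example queries carries `@precision`, which query suites filter on; worth adding if the examples are ever included in a suite.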


@@ -3,6 +3,7 @@
* @description Tracks the return value of 'escapeHtml' into 'decodeURI', indicating
* an ineffective sanitization attempt.
* @kind path-problem
* @problem.severity error
* @tags security
* @id js/examples/decoding-after-sanitization
*/


@@ -3,6 +3,7 @@
* @description Tracks the return value of an HTML sanitizer into an escape-sequence decoder,
* indicating an ineffective sanitization attempt.
* @kind path-problem
* @problem.severity error
* @tags security
* @id js/examples/decoding-after-sanitization-generalized
*/


@@ -3,6 +3,7 @@
* @description Tracks user-controlled values into 'eval' calls (special case of js/code-injection),
* and generates a visualizable path from the source to the sink.
* @kind path-problem
* @problem.severity error
* @tags security
* @id js/examples/eval-taint-path
*/
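Review bot: the `@tags` line carries only `security`, while the description calls this a special case of `js/code-injection`; the standard query it specializes is also tagged `external/cwe/cwe-094`. Now that the severity is aligned with the parent query (`error`), carrying the CWE tag as well would keep the example's metadata consistent with the query it is derived from, e.g. `@tags security external/cwe/cwe-094`.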


@@ -3,6 +3,7 @@
* @description Tracks values from an 'authKey' property into a postMessage call with unrestricted origin,
* indicating a leak of sensitive information.
* @kind path-problem
* @problem.severity warning
* @tags security
* @id js/examples/information-disclosure
*/
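Review bot: this is the only hunk in the set that adds `warning` rather than `error`. Sending an `authKey` through `postMessage` with an unrestricted target origin hands the credential to any window that happens to be listening, which is no less serious than the IDOR and injection examples rated `error`. Either raise it to `error` for consistency or add a clause to the description explaining why the lower level was chosen.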


@@ -2,6 +2,7 @@
* @name Extension of standard query: Stored XSS
* @description Extends the standard Stored XSS query with an additional source.
* @kind path-problem
* @problem.severity error
* @tags security
* @id js/examples/stored-xss
*/
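Review bot: since this query extends the standard Stored XSS query, its metadata should mirror that query's: the standard one is tagged `external/cwe/cwe-079` in addition to `security`. Adding the CWE tag here keeps the extension's results classified alongside the parent's instead of as an untyped security finding.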


@@ -3,6 +3,7 @@
* @description Extends the standard Stored XSS query with an additional source,
* using TrackedNode to track MySQL connections globally.
* @kind path-problem
* @problem.severity error
* @tags security
* @id js/examples/stored-xss-trackednode
*/


@@ -2,6 +2,7 @@
* @name Template injection
* @description Tracks user-controlled values to an unescaped lodash template placeholder.
* @kind path-problem
* @problem.severity error
* @tags security
* @id js/examples/template-injection
*/