hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 15:25:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Fix a bug in isSafeClientSideUrlProperty

Browse Source
This commit is contained in:
Asger F
2024-09-11 15:09:03 +02:00
parent bc04131c72
commit 2712bf821a
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/test/library-tests/TaintedUrlSuffix/tst.js
View File

@@ -5,7 +5,7 @@ function t1() {
sink(href); // $ flow=tainted-url-suffix
sink(href.split('#')[0]); // $ MISSING: flow=tainted-url-suffix SPURIOUS: flow=taint
sink(href.split('#')[0]); // $ MISSING: flow=tainted-url-suffix
sink(href.split('#')[1]); // $ flow=taint
sink(href.split('#').pop()); // $ flow=taint
sink(href.split('#')[2]); // $ flow=taint