add importScripts as a sink for js/client-side-unvalidated-url-redirection

2026-04-30 19:26:02 +02:00 · 2020-09-14 15:58:29 +02:00
parent fee7ce6c7f
commit 2e3df74dce
1 changed files with 9 additions and 0 deletions
--- a/javascript/ql/src/semmle/javascript/security/dataflow/ClientSideUrlRedirectCustomizations.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/ClientSideUrlRedirectCustomizations.qll
@@ -132,6 +132,15 @@ module ClientSideUrlRedirect {
    }
  }

+  /**
+   * An argument to `importScripts(..)` - which is used inside `WebWorker`s to import new scripts - viewed as a `ScriptUrlSink`.
+   */
+  class ImportScriptsSink extends ScriptUrlSink {
+    ImportScriptsSink() {
+      this = DataFlow::globalVarRef("importScripts").getACall().getAnArgument()
+    }
+  }
+
  /**
   * A script or iframe `src` attribute, viewed as a `ScriptUrlSink`.
   */