hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

add comment about filtering away jQuery from the source

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2021-05-10 10:05:18 +02:00
parent b53759c5a0
commit 3fe5dd0f35
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
javascript/ql/src/semmle/javascript/security/dataflow/UnsafeHtmlConstructionCustomizations.qll
View File

@@ -25,6 +25,7 @@ module UnsafeHtmlConstruction {
class ExternalInputSource extends Source, DataFlow::ParameterNode {
ExternalInputSource() {
this = Exports::getALibraryInputParameter() and
// An AMD-style module sometimes loads the jQuery library in a way which looks like library input.
not this = JQuery::dollarSource()
}
}