hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: whitelist another emptiness check for the type-confusion query

Browse Source
This commit is contained in:
Esben Sparre Andreasen
2019-04-08 09:50:27 +02:00
parent 662ad4b2ca
commit 52d86471af
3 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
change-notes/1.21/analysis-javascript.md
View File

@@ -29,6 +29,7 @@
| Incomplete string escaping or encoding | More results | This rule now considers the flow of regular expressions literals. |
| Replacement of a substring with itself | More results | This rule now considers the flow of regular expressions literals. |
| Server-side URL redirect | Fewer false-positive results | This rule now treats URLs as safe in more cases where the hostname cannot be tampered with. |
| Type confusion through parameter tampering | Fewer false-positive results | This rule now recognizes additional emptiness checks. |
| Useless assignment to property | Fewer false-positive results | This rule now ignore reads of additional getters. |
## Changes to QL libraries