mirror of
https://github.com/github/codeql.git
synced 2026-05-04 21:25:44 +02:00
JavaScript: Fix semantic merge conflict.
https://github.com/Semmle/ql/pull/698 removed `document.cookie` as a remote flow source, which some of the tests relied on. We now use `location.search` instead.
This commit is contained in:
Max Schaefer
@@ -52,60 +52,6 @@
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | XmlBomb |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | XpathInjection |
|
||||
| (parameter 0 (member h (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member h (root https://www.npmjs.com/package/infer-sources))) | taint | Xxe |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | ClearTextStorage |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | CodeInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | CommandInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | ConditionalBypass |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | DomBasedXss |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | FileAccessToHttp |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | InsecureRandomness |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | InsufficientPasswordHash |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | NosqlInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | ReflectedXss |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | RegExpInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | RemotePropertyInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | RequestForgery |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | SqlInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | StackTraceExposure |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | StoredXss |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | TaintedFormatString |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | TaintedPath |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | UnsafeDeserialization |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | XmlBomb |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | XpathInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | data | Xxe |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | ClearTextStorage |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | CodeInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | CommandInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | ConditionalBypass |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | DomBasedXss |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | FileAccessToHttp |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | InsecureRandomness |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | InsufficientPasswordHash |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | NosqlInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | ReflectedXss |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | RegExpInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | RemotePropertyInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | RequestForgery |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | SqlInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | StackTraceExposure |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | StoredXss |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | TaintedFormatString |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | TaintedPath |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | UnsafeDeserialization |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | XmlBomb |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | XpathInjection |
|
||||
| (parameter 0 (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notACookieSource (root https://www.npmjs.com/package/infer-sources))) | taint | Xxe |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | ClearTextStorage |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | data | ClientSideUrlRedirect |
|
||||
@@ -160,3 +106,57 @@
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | XmlBomb |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | XpathInjection |
|
||||
| (parameter 0 (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notASink (root https://www.npmjs.com/package/infer-sources))) | taint | Xxe |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ClearTextStorage |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | CodeInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | CommandInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ConditionalBypass |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | DomBasedXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | FileAccessToHttp |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | InsecureRandomness |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | InsufficientPasswordHash |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | NosqlInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ReflectedXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | RegExpInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | RemotePropertyInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | RequestForgery |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | SqlInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | StackTraceExposure |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | StoredXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | TaintedFormatString |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | TaintedPath |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | UnsafeDeserialization |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | XmlBomb |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | XpathInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | data | Xxe |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | BrokenCryptoAlgorithm |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ClearTextStorage |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ClientSideUrlRedirect |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | CodeInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | CommandInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ConditionalBypass |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | CorsMisconfigurationForCredentials |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | DifferentKindsComparisonBypass |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | DomBasedXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | FileAccessToHttp |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | InsecureRandomness |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | InsufficientPasswordHash |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | NosqlInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ReflectedXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | RegExpInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | RemotePropertyInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | RequestForgery |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ServerSideUrlRedirect |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | SqlInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | StackTraceExposure |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | StoredXss |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | TaintedFormatString |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | TaintedPath |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | UnsafeDeserialization |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | XmlBomb |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | XpathInjection |
|
||||
| (parameter 0 (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | (return (member notATaintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | Xxe |
|
||||
|
||||
@@ -18,20 +18,9 @@
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | XmlBomb |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | XpathInjection |
|
||||
| (parameter 0 (parameter 0 (member listen (root https://www.npmjs.com/package/infer-sources)))) | taint | Xxe |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | ClientSideUrlRedirect |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | CodeInjection |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | CommandInjection |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | ConditionalBypass |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | CorsMisconfigurationForCredentials |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | DomBasedXss |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | NosqlInjection |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | RegExpInjection |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | RemotePropertyInjection |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | RequestForgery |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | SqlInjection |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | TaintedFormatString |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | TaintedPath |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | UnsafeDeserialization |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | XmlBomb |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | XpathInjection |
|
||||
| (return (member cookieSource (root https://www.npmjs.com/package/infer-sources))) | data | Xxe |
|
||||
| (return (member taintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | ClientSideUrlRedirect |
|
||||
| (return (member taintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | CodeInjection |
|
||||
| (return (member taintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | DomBasedXss |
|
||||
| (return (member taintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | XmlBomb |
|
||||
| (return (member taintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | XpathInjection |
|
||||
| (return (member taintedSource (root https://www.npmjs.com/package/infer-sources))) | taint | Xxe |
|
||||
|
||||
@@ -135,23 +135,23 @@ function notASink(foo) {
|
||||
// this call should not make parameter `foo` a command injection sink
|
||||
eval(notASink(42));
|
||||
|
||||
function cookieSource() {
|
||||
return document.cookie;
|
||||
function taintedSource() {
|
||||
return location.search;
|
||||
}
|
||||
|
||||
function notACookieSource(x) {
|
||||
function notATaintedSource(x) {
|
||||
return x;
|
||||
}
|
||||
|
||||
// this call should not make the return value of `notACookieSource` a remote flow source
|
||||
notACookieSource(document.cookie);
|
||||
// this call should not make the return value of `notATaintedSource` a remote flow source
|
||||
notATaintedSource(location.search);
|
||||
|
||||
function invoke(cb, x) {
|
||||
cb(x);
|
||||
}
|
||||
|
||||
// this call should not make the first argument to `cb` above a remote flow source
|
||||
invoke((x)=>x, document.cookie);
|
||||
invoke((x)=>x, location.search);
|
||||
|
||||
function g(x) {
|
||||
h(x);
|
||||
@@ -183,8 +183,8 @@ module.exports = {
|
||||
redirect: redirect,
|
||||
reflected: reflected,
|
||||
notASink: notASink,
|
||||
cookieSource: cookieSource,
|
||||
notACookieSource: notACookieSource,
|
||||
taintedSource: taintedSource,
|
||||
notATaintedSource: notATaintedSource,
|
||||
invoke: invoke,
|
||||
g: g,
|
||||
h: h,
|
||||
|
||||
Reference in New Issue
Block a user