JS: introduce HTML::ScriptElement::getScript()

2026-04-14 11:34:00 +02:00 · 2019-01-28 15:40:30 +01:00
parent a78dd422b6
commit 5e2b1c026a
5 changed files with 56 additions and 0 deletions
--- a/javascript/ql/src/semmle/javascript/HTML.qll
+++ b/javascript/ql/src/semmle/javascript/HTML.qll
@@ -159,6 +159,40 @@ module HTML {
     * if it can be determined.
     */
    Script resolveSource() { result.getFile().getAbsolutePath() = resolveSourcePath() }
+
+    /**
+     * Gets the inline script of this script element, if any.
+     */
+    private InlineScript getInlineScript() {
+      exists(string f, Location l1, int sl1, int sc1, int el1, int ec1, Location l2, int sl2, int sc2, int el2, int ec2 |
+        l1 = getLocation() and
+        l2 = result.getLocation() and
+        l1.hasLocationInfo(f, sl1, sc1, el1, ec1) and
+        l2.hasLocationInfo(f, sl2, sc2, el2, ec2)
+        |
+        (
+          sl1 = sl2 and sc1 < sc2
+          or
+          sl1 < sl2
+        ) and
+        (
+          el1 = el2 and ec1 > ec2
+          or
+          el1 > el2
+        )
+      ) and
+      // the src attribute has precedence
+      not exists(getSourcePath())
+    }
+
+    /**
+     * Gets the script of this element, if it can be determined.
+     */
+    Script getScript() {
+      result = getInlineScript() or
+      result = resolveSource()
+    }
+
  }

  /**
--- a/javascript/ql/test/library-tests/HTML/HtmlScript/ScriptElement_getScript.expected
+++ b/javascript/ql/test/library-tests/HTML/HtmlScript/ScriptElement_getScript.expected
@@ -0,0 +1,4 @@
+| tst.html:2:3:2:32 | <script>...</> | tst.js:1:1:2:0 | <toplevel> |
+| tst.html:5:3:5:38 | <script>...</> | tst.js:1:1:2:0 | <toplevel> |
+| tst.html:8:3:8:25 | <script>...</> | tst.html:8:11:8:16 | <toplevel> |
+| tst.html:9:3:11:11 | <script>...</> | tst.html:9:11:11:2 | <toplevel> |
--- a/javascript/ql/test/library-tests/HTML/HtmlScript/ScriptElement_getScript.ql
+++ b/javascript/ql/test/library-tests/HTML/HtmlScript/ScriptElement_getScript.ql
@@ -0,0 +1,5 @@
+import javascript
+
+
+from HTML::ScriptElement e
+select e, e.getScript()
--- a/javascript/ql/test/library-tests/HTML/HtmlScript/tst.html
+++ b/javascript/ql/test/library-tests/HTML/HtmlScript/tst.html
@@ -0,0 +1,12 @@
+<html>
+  <script src="tst.js"></script>
+  <script src="does-not-exist.js"></script>
+
+  <script src="tst.js">inline</script>
+  <script src="does-not-exist.js">inline</script>
+
+  <script>inline</script>
+  <script>
+    inline
+  </script>
+</html>
--- a/javascript/ql/test/library-tests/HTML/HtmlScript/tst.js
+++ b/javascript/ql/test/library-tests/HTML/HtmlScript/tst.js
@@ -0,0 +1 @@
+not_inline