hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 04:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Use StringOps to identify functions used for verifing the origin

Browse Source
This commit is contained in:
ubuntu
2020-06-18 19:41:07 +02:00
parent c490cfdfa5
commit 71a7ec593c
1 changed files with 5 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
javascript/ql/src/experimental/Security/CWE-020/PostMessageNoOriginCheck.ql
View File

@@ -17,14 +17,12 @@ import semmle.javascript.security.dataflow.DOM
/**
* A method call for the insecure functions used to verify the `MessageEvent.origin`.
*/
class InsufficientOriginChecks extends DataFlow::MethodCallNode {
class InsufficientOriginChecks extends DataFlow::Node {
InsufficientOriginChecks() {
exists(string name | name = getMethodName() |
name = "indexOf" or
name = "includes" or
name = "endsWith" or
name = "startsWith" or
name = "lastIndexOf"
exists(DataFlow::Node node |
this.(StringOps::StartsWith).getSubstring() = node or
this.(StringOps::Includes).getSubstring() = node or
this.(StringOps::EndsWith).getSubstring() = node
)
}
}