JS: Added test case for bad sanitizer with unknown flags, currently not flagged.

2026-04-27 17:55:19 +02:00 · 2024-11-26 09:35:27 +01:00
parent 38be0e4c0a
commit 89f3b6f8d3
1 changed files with 4 additions and 0 deletions
--- a/javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/tst.js
+++ b/javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/tst.js
@@ -332,3 +332,7 @@ function incompleteComplexSanitizers() {
 function typicalBadHtmlSanitizers(s) {
 	s().replace(new RegExp("[<>]", "g"),''); // NOT OK
 }
+
+function typicalBadHtmlSanitizers(s) {
+	s().replace(new RegExp("[<>]", unknown()),''); // NOT OK -- should be flagged, because it is st ill a bad sanitizer
+}