Merge pull request #2216 from asger-semmle/xss-encodeURIComponent

Approved by max-schaefer
2026-04-27 01:35:13 +02:00 · 2019-10-30 11:49:31 +00:00
parent ecd4c08cb4 94dd9a1c04
commit a778efe71e
2 changed files with 22 additions and 0 deletions
--- a/javascript/ql/test/query-tests/Security/CWE-079/encodeuri.js
+++ b/javascript/ql/test/query-tests/Security/CWE-079/encodeuri.js
@@ -0,0 +1,4 @@
+function test() {
+  let loc = window.location.href;
+  $('<a href="' + encodeURIComponent(loc) + '">click</a>'); // OK
+}