hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

recognize more HTML attribute concatenations

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2020-05-26 12:36:24 +02:00
parent 5fb76df44f
commit a9bea63019
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
javascript/ql/src/semmle/javascript/security/dataflow/IncompleteHtmlAttributeSanitizationCustomizations.qll
View File

@@ -51,8 +51,11 @@ module IncompleteHtmlAttributeSanitization {
string lhs;
HtmlAttributeConcatenation() {
lhs = this.getPreviousLeaf().getStringValue().regexpCapture("(.*)=\"[^\"]*", 1) and
this.getNextLeaf().getStringValue().regexpMatch(".*\".*")
lhs = this.getPreviousLeaf().getStringValue().regexpCapture("((?:[\n\r]|.)*)=\"[^\"]*", 1) and
(
this.getNextLeaf().getStringValue().regexpMatch(".*\".*") or
this.getRoot().getConstantStringParts().regexpMatch("(?:[\n\r]|.)*</.*")
)
}
/**