hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Update test

Browse Source
This commit is contained in:
Asger Feldthaus
2020-06-25 11:01:10 +01:00
parent 42f32bf76c
commit b867512db4
3 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
javascript/ql/test/query-tests/Security/CWE-079/Xss.expected
View File

@@ -331,6 +331,8 @@ nodes
| tst.js:194:54:194:60 | tainted |
| tst.js:195:45:195:51 | tainted |
| tst.js:195:45:195:51 | tainted |
| tst.js:196:49:196:55 | tainted |
| tst.js:196:49:196:55 | tainted |
| tst.js:200:9:200:42 | tainted |
| tst.js:200:19:200:35 | document.location |
| tst.js:200:19:200:35 | document.location |
@@ -749,6 +751,8 @@ edges
| tst.js:187:9:187:42 | tainted | tst.js:194:54:194:60 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:195:45:195:51 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:195:45:195:51 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:196:49:196:55 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:196:49:196:55 | tainted |
| tst.js:187:19:187:35 | document.location | tst.js:187:19:187:42 | documen ... .search |
| tst.js:187:19:187:35 | document.location | tst.js:187:19:187:42 | documen ... .search |
| tst.js:187:19:187:42 | documen ... .search | tst.js:187:9:187:42 | tainted |
@@ -925,6 +929,7 @@ edges
| tst.js:192:33:192:39 | tainted | tst.js:187:19:187:35 | document.location | tst.js:192:33:192:39 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:187:19:187:35 | document.location | user-provided value |
| tst.js:194:54:194:60 | tainted | tst.js:187:19:187:35 | document.location | tst.js:194:54:194:60 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:187:19:187:35 | document.location | user-provided value |
| tst.js:195:45:195:51 | tainted | tst.js:187:19:187:35 | document.location | tst.js:195:45:195:51 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:187:19:187:35 | document.location | user-provided value |
| tst.js:196:49:196:55 | tainted | tst.js:187:19:187:35 | document.location | tst.js:196:49:196:55 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:187:19:187:35 | document.location | user-provided value |
| tst.js:202:67:202:73 | tainted | tst.js:200:19:200:35 | document.location | tst.js:202:67:202:73 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:200:19:200:35 | document.location | user-provided value |
| tst.js:203:67:203:73 | tainted | tst.js:200:19:200:35 | document.location | tst.js:203:67:203:73 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:200:19:200:35 | document.location | user-provided value |
| tst.js:215:28:215:46 | this.state.tainted1 | tst.js:200:19:200:35 | document.location | tst.js:215:28:215:46 | this.state.tainted1 | Cross-site scripting vulnerability due to $@. | tst.js:200:19:200:35 | document.location | user-provided value |

4
javascript/ql/test/query-tests/Security/CWE-079/XssWithAdditionalSources.expected
View File

@@ -331,6 +331,8 @@ nodes
| tst.js:194:54:194:60 | tainted |
| tst.js:195:45:195:51 | tainted |
| tst.js:195:45:195:51 | tainted |
| tst.js:196:49:196:55 | tainted |
| tst.js:196:49:196:55 | tainted |
| tst.js:200:9:200:42 | tainted |
| tst.js:200:19:200:35 | document.location |
| tst.js:200:19:200:35 | document.location |
@@ -753,6 +755,8 @@ edges
| tst.js:187:9:187:42 | tainted | tst.js:194:54:194:60 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:195:45:195:51 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:195:45:195:51 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:196:49:196:55 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:196:49:196:55 | tainted |
| tst.js:187:19:187:35 | document.location | tst.js:187:19:187:42 | documen ... .search |
| tst.js:187:19:187:35 | document.location | tst.js:187:19:187:42 | documen ... .search |
| tst.js:187:19:187:42 | documen ... .search | tst.js:187:9:187:42 | tainted |

2
javascript/ql/test/query-tests/Security/CWE-079/tst.js
View File

@@ -193,7 +193,7 @@ function references() {
document.getElementsByClassName()[0].innerHTML = tainted; // NOT OK
getElementsByClassName()[0].innerHTML = tainted; // NOT OK
getElementsByClassName().item().innerHTML = tainted; // NOT OK, but not supported
getElementsByClassName().item().innerHTML = tainted; // NOT OK
}
function react(){