hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 16:25:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Update ReflectedXssWithCustomSanitizer test

Browse Source
This commit is contained in:
Asger F
2023-10-06 15:25:07 +02:00
parent 85e8998067
commit bab639f23c
1 changed files with 5 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/ReflectedXssWithCustomSanitizer.ql
View File

@@ -3,18 +3,17 @@
//
import javascript
import semmle.javascript.security.dataflow.ReflectedXssQuery
private import semmle.javascript.security.dataflow.Xss::Shared as SharedXss
class IsVarNameSanitizer extends TaintTracking::AdditionalSanitizerGuardNode, DataFlow::CallNode {
class IsVarNameSanitizer extends SharedXss::BarrierGuard, DataFlow::CallNode {
IsVarNameSanitizer() { this.getCalleeName() = "isVarName" }
override predicate sanitizes(boolean outcome, Expr e) {
override predicate blocksExpr(boolean outcome, Expr e) {
outcome = true and
e = this.getArgument(0).asExpr()
}
override predicate appliesTo(TaintTracking::Configuration cfg) { cfg instanceof Configuration }
}
from Configuration xss, Source source, Sink sink
where xss.hasFlow(source, sink)
from Source source, Sink sink
where ReflectedXssFlow::flow(source, sink)
select sink, "Cross-site scripting vulnerability due to $@.", source, "user-provided value"