Apply suggestions from code review

Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
Erik Krogh Kristensen
2021-05-06 21:59:35 +02:00
committed by GitHub
parent 2d1ba59e6d
commit be69c3a458


@@ -38,7 +38,7 @@ module UnsafeHtmlConstruction {
/**
* A sink for unsafe HTML constructed from library input.
* This sink somehow transforms its input into a value that can cause XSS if it ends up in a XSS sink.
* This sink transforms its input into a value that can cause XSS if it ends up in a XSS sink.
*/
abstract class Sink extends DataFlow::Node {
/**
@@ -165,6 +165,7 @@ module UnsafeHtmlConstruction {
MarkdownSink() {
exists(DataFlow::Node pred, DataFlow::Node succ, Markdown::MarkdownStep step |
step.step(pred, succ) and
step.preservesHtml() and
this = pred and
succ = isUsedInXssSink(xssSink)
)
@@ -176,7 +177,7 @@ module UnsafeHtmlConstruction {
/**
* Holds if there is a path without unmatched return steps from `source` to `sink`.
*/
predicate requireMatchedReturn(DataFlow::SourcePathNode source, DataFlow::SinkPathNode sink) {
predicate hasPathWithoutUnmatchedReturn(DataFlow::SourcePathNode source, DataFlow::SinkPathNode sink) {
exists(DataFlow::MidPathNode mid |
source.getASuccessor*() = mid and
sink = mid.getASuccessor() and
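Review bot: In the `MarkdownSink` characteristic predicate, the `step.preservesHtml()` conjunct (which the hunk's 6-to-7 line count suggests is the added line) decides which markdown conversions count as sinks, yet it has no comment explaining why. A short note above it, such as `// only markdown steps that pass raw HTML through can carry library input into an XSS sink`, would tell the next reader why other steps are excluded. The class's doc comment starts outside the hunk, so it may already cover this. A query test using a markdown step that does not preserve HTML, with no alert expected, would pin the narrowed behaviour so a later change to the step model cannot silently widen or drop results.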