Merge pull request #927 from xiemaisi/js/ambiguous-id-attr-templates

Approved by esben-semmle
2026-04-28 10:15:14 +02:00 · 2019-02-13 08:35:41 +00:00
parent 0cb2c0994a 41eb1ff9d0
commit c422ade739
3 changed files with 34 additions and 12 deletions
--- a/javascript/ql/src/DOM/AmbiguousIdAttribute.ql
+++ b/javascript/ql/src/DOM/AmbiguousIdAttribute.ql
@@ -8,7 +8,7 @@
 * @id js/duplicate-html-id
 * @tags maintainability
 *       correctness
- * @precision very-high
+ * @precision high
 */

 import javascript
@@ -26,13 +26,8 @@ predicate idAt(
    id = attr.getStringValue() and
    root = elt.getRoot() and
    elt.getLocation().hasLocationInfo(_, line, column, _, _) and
-    not (
-      // exclude invalid ids (reported by another query)
-      DOM::isInvalidHtmlIdAttributeValue(attr, _)
-      or
-      // exclude attribute values that look like they might be templated
-      attr.mayHaveTemplateValue()
-    )
+    // exclude invalid ids (reported by another query)
+    not DOM::isInvalidHtmlIdAttributeValue(attr, _)
  )
 }

@@ -40,8 +35,10 @@ predicate idAt(
 * Holds if attributes `earlier` and `later` are id attributes with the same value in
 * the same document, and `earlier` appears textually before `later`.
 */
-predicate sameId(DOM::AttributeDefinition earlier, DOM::AttributeDefinition later) {
-  exists(string id, DOM::ElementDefinition root, int l1, int c1, int l2, int c2 |
+predicate sameId(
+  DOM::ElementDefinition root, DOM::AttributeDefinition earlier, DOM::AttributeDefinition later
+) {
+  exists(string id, int l1, int c1, int l2, int c2 |
    idAt(earlier, id, root, l1, c1) and idAt(later, id, root, l2, c2)
  |
    l1 < l2
@@ -50,6 +47,21 @@ predicate sameId(DOM::AttributeDefinition earlier, DOM::AttributeDefinition late
  )
 }

-from DOM::AttributeDefinition earlier, DOM::AttributeDefinition later
-where sameId(earlier, later) and not sameId(_, earlier)
+/**
+ * Holds if any attribute value in `root` looks like it is templated.
+ */
+predicate mayContainTemplates(DOM::ElementDefinition root) {
+  exists(DOM::AttributeDefinition attr |
+    attr.mayHaveTemplateValue() and
+    root = attr.getElement().getRoot()
+  )
+}
+
+from DOM::ElementDefinition root, DOM::AttributeDefinition earlier, DOM::AttributeDefinition later
+where
+  sameId(root, earlier, later) and
+  // only flag the first ambiguity if there are many
+  not sameId(root, _, earlier) and
+  // exclude templates
+  not mayContainTemplates(root)
 select earlier, "This element has the same id as $@.", later, "another element"
--- a/javascript/ql/test/query-tests/DOM/HTML/jinja2.html
+++ b/javascript/ql/test/query-tests/DOM/HTML/jinja2.html
@@ -0,0 +1,9 @@
+<html>
+<head><title></title></head>
+<body>
+{% if foo %}
+<a href="{{url}}" id="unique">foo</a>
+{% else %}
+<a href="{{url}}" id="unique">!foo</div>
+{% endif %}
+</body>