hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Add DOM event sources in Angular2 model

Browse Source
This commit is contained in:
Asger F
2025-01-09 13:13:58 +01:00
parent b8ba50a9ac
commit d4daa21318
3 changed files with 27 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected
View File

@@ -42,6 +42,8 @@ edges
| xss-through-dom.js:154:25:154:27 | msg | xss-through-dom.js:155:27:155:29 | msg | provenance | |
| xss-through-dom.js:159:34:159:52 | $("textarea").val() | xss-through-dom.js:154:25:154:27 | msg | provenance | |
nodes
| angular.ts:11:24:11:41 | event.target.value | semmle.label | event.target.value |
| angular.ts:15:24:15:35 | target.value | semmle.label | target.value |
| forms.js:8:23:8:28 | values | semmle.label | values |
| forms.js:9:31:9:36 | values | semmle.label | values |
| forms.js:9:31:9:40 | values.foo | semmle.label | values.foo |
@@ -124,6 +126,8 @@ nodes
| xss-through-dom.js:159:34:159:52 | $("textarea").val() | semmle.label | $("textarea").val() |
subpaths
#select
| angular.ts:11:24:11:41 | event.target.value | angular.ts:11:24:11:41 | event.target.value | angular.ts:11:24:11:41 | event.target.value | $@ is reinterpreted as HTML without escaping meta-characters. | angular.ts:11:24:11:41 | event.target.value | DOM text |
| angular.ts:15:24:15:35 | target.value | angular.ts:15:24:15:35 | target.value | angular.ts:15:24:15:35 | target.value | $@ is reinterpreted as HTML without escaping meta-characters. | angular.ts:15:24:15:35 | target.value | DOM text |
| forms.js:9:31:9:40 | values.foo | forms.js:8:23:8:28 | values | forms.js:9:31:9:40 | values.foo | $@ is reinterpreted as HTML without escaping meta-characters. | forms.js:8:23:8:28 | values | DOM text |
| forms.js:12:31:12:40 | values.bar | forms.js:11:24:11:29 | values | forms.js:12:31:12:40 | values.bar | $@ is reinterpreted as HTML without escaping meta-characters. | forms.js:11:24:11:29 | values | DOM text |
| forms.js:25:23:25:34 | values.email | forms.js:24:15:24:20 | values | forms.js:25:23:25:34 | values.email | $@ is reinterpreted as HTML without escaping meta-characters. | forms.js:24:15:24:20 | values | DOM text |

4
javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/angular.ts
View File

@@ -8,10 +8,10 @@ import { Component } from "@angular/core";
})
export class Foo {
setInput1(event) {
document.write(event.target.value); // NOT OK [INCONSISTENCY]
document.write(event.target.value); // NOT OK
}
setInput2(target) {
document.write(target.value); // NOT OK [INCONSISTENCY]
document.write(target.value); // NOT OK
}
}