hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

CWE 830 test where both branches in a ternary are unsafe

Browse Source
This commit is contained in:
Stephan Brandauer
2022-02-22 09:01:46 +01:00
parent 2934aa1a3a
commit d80cd1aeb5
3 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
javascript/ql/src/Security/CWE-830/FunctionalityFromUntrustedSource.ql
View File

@@ -69,8 +69,7 @@ module StaticCreation {
}
override string getProblem() {
result =
"Script loaded from content delivery network with no integrity check."
result = "Script loaded from content delivery network with no integrity check."
}
}
@@ -78,7 +77,9 @@ module StaticCreation {
class IframeElementWithUntrustedContent extends AddsUntrustedUrl instanceof HTML::IframeElement {
IframeElementWithUntrustedContent() { isUntrustedSourceUrl(super.getSourcePath()) }
override string getProblem() { result = "HTML iframe element loaded using unencrypted connection." }
override string getProblem() {
result = "HTML iframe element loaded using unencrypted connection."
}
}
}