hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Remove mention of results from comments

Browse Source
This commit is contained in:
Asger F
2025-01-09 09:36:31 +01:00
parent fb54a3bde8
commit dd37c474d8
1 changed files with 0 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomQuery.qll
View File

@@ -12,8 +12,6 @@ private import semmle.javascript.security.dataflow.UnsafeJQueryPluginCustomizati
* A taint-tracking configuration for reasoning about XSS through the DOM.
*/
module XssThroughDomConfig implements DataFlow::ConfigSig {
// NOTE: Gained FP in Lucifier due to spurious source but with more data flow (I think).
// TODO: Seen unexplained FP in meteor, likely due to spurious flow into a callback coming from another call site
predicate isSource(DataFlow::Node source) { source instanceof Source }
predicate isSink(DataFlow::Node sink) { sink instanceof DomBasedXss::Sink }