mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
Merge pull request #2143 from esben-semmle/js/fix-all-sanitisers
Approved by xiemaisi
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* sensitive information in broken or weak cryptographic algorithms,
|
||||
* as well as extension points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* clear-text logging of sensitive information, as well as extension
|
||||
* points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* cleartext storage of sensitive information, as well as extension
|
||||
* points for adding your own.
|
||||
*/
|
||||
|
||||
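Review bot: The context line "cleartext storage of sensitive information" in this header spells "cleartext" as one word, while the header in the preceding hunk reads "clear-text logging of sensitive information". Since this change already normalises spelling across these file comments, pick one form and use it in both headers.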
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* unvalidated URL redirection problems on the client side, as well as
|
||||
* extension points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* code injection vulnerabilities, as well as extension points for
|
||||
* adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* command-injection vulnerabilities, as well as extension points for
|
||||
* adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* bypass of sensitive action guards, as well as extension points for
|
||||
* adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* CORS misconfiguration for credentials transfer, as well as
|
||||
* extension points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* comparisons that relies on different kinds of HTTP request data, as
|
||||
* well as extension points for adding your own.
|
||||
*/
|
||||
|
||||
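Review bot: Subject-verb agreement is off in the unchanged context line "comparisons that relies on different kinds of HTTP request data" directly below the edited line. As the comment is being touched anyway, change it to "comparisons that rely on".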
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* file data in outbound network requests, as well as extension points
|
||||
* for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* hardcoded credentials, as well as extension points for adding your
|
||||
* own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* hard-coded data being interpreted as code, as well as extension
|
||||
* points for adding your own.
|
||||
*/
|
||||
|
||||
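Review bot: The context line "hard-coded data being interpreted as code" uses the hyphenated form, while the header in the preceding hunk reads "hardcoded credentials". A spelling clean-up across these headers should settle on one of the two forms.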
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* writing user-controlled data to files, as well as extension points
|
||||
* for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* command-injection vulnerabilities, as well as extension points for
|
||||
* adding your own.
|
||||
*/
|
||||
|
||||
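Review bot: The description in this header, "command-injection vulnerabilities, as well as extension points for adding your own", is word for word the same as the one in an earlier hunk of this commit, and both hunks start at line 1, so two different files carry an identical summary. If this file covers a different variant of command injection, the comment should say which, otherwise the two libraries cannot be told apart from their headers.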
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* random values that are not cryptographically secure, as well as
|
||||
* extension points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* password hashing with insufficient computational effort, as well as
|
||||
* extension points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* NoSQL injection vulnerabilities, as well as extension points for
|
||||
* adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* cross-window communication with unrestricted origin, as well as
|
||||
* extension points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* user-controlled objects flowing into a vulnerable `extends` call,
|
||||
* as well as extension points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* untrusted user input used to construct regular expressions, as well
|
||||
* as extension points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* injections in property names, used either for writing into a
|
||||
* property, into a header or for calling an object's method, as well
|
||||
* as extension points for adding your own.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* request forgery, as well as extension points for adding your own.
|
||||
*/
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* unvalidated URL redirection problems on the server side, as well as
|
||||
* extension points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* SQL injection vulnerabilities, as well as extension points for
|
||||
* adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* stack trace exposure vulnerabilities, as well as extension points
|
||||
* for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* format injections, as well as extension points for adding your own.
|
||||
*/
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* tainted-path vulnerabilities, as well as extension points for
|
||||
* adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* type confusion for HTTP request inputs, as well as extension points
|
||||
* for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* unsafe deserialization, as well as extension points for
|
||||
* adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* method invocations with a user-controlled method name on objects
|
||||
* with unsafe methods, as well as extension points for adding your
|
||||
* own.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* unvalidated dynamic method calls, as well as extension points for
|
||||
* adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* XML-bomb vulnerabilities, as well as extension points for adding
|
||||
* your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* untrusted user input used in XPath expression, as well as extension
|
||||
* points for adding your own.
|
||||
*/
|
||||
|
||||
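Review bot: The context line "untrusted user input used in XPath expression" is missing an article or a plural. Suggest "used in XPath expressions" (or "in an XPath expression") while this comment is being edited.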
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* XML External Entity (XXE) vulnerabilities, as well as extension
|
||||
* points for adding your own.
|
||||
*/
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/**
|
||||
* Provides default sources, sinks and sanitisers for reasoning about
|
||||
* Provides default sources, sinks and sanitizers for reasoning about
|
||||
* unsafe zip and tar archive extraction, as well as extension points
|
||||
* for adding your own.
|
||||
*/
|
||||
|
||||