JavaScript: add import that populate the shared abstract classes

2025-12-22 11:46:32 +01:00 · 2023-10-08 19:50:05 +02:00
parent 57c757c0a6
commit f48b47c656
1 changed files with 7 additions and 0 deletions
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/Xss.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/Xss.qll
@@ -20,6 +20,13 @@ module Shared {
    string getVulnerabilityKind() { result = "Cross-site scripting" }
  }

+  // import the various XSS query customizations, they populate the shared classes
+  private import DomBasedXssCustomizations
+  private import ReflectedXssCustomizations
+  private import StoredXssCustomizations
+  private import XssThroughDomCustomizations
+  private import ExceptionXssCustomizations
+
  /** A sanitizer for XSS vulnerabilities. */
  abstract class Sanitizer extends DataFlow::Node { }