hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

JS: Fix StoresXss example query

Browse Source
This commit is contained in:
Asger Feldthaus
2021-08-12 09:14:12 +02:00
parent 020d65befc
commit fd027451b1
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
javascript/ql/examples/queries/dataflow/StoredXss/StoredXss.ql
View File

@@ -8,7 +8,6 @@
*/
import javascript
import DataFlow
import semmle.javascript.security.dataflow.StoredXssQuery
import DataFlow::PathGraph
@@ -24,7 +23,7 @@ import DataFlow::PathGraph
class MysqlSource extends Source {
MysqlSource() {
this =
moduleImport("mysql")
DataFlow::moduleImport("mysql")
.getAMemberCall("createConnection")
.getAMethodCall("query")
.getCallback(1)
@@ -32,6 +31,6 @@ class MysqlSource extends Source {
}
}
from Configuration cfg, PathNode source, PathNode sink
from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Stored XSS from $@.", source.getNode(), "database value."