add model for formik

2026-04-28 10:15:14 +02:00 · 2021-02-07 12:58:10 +01:00
parent d1087d4e41
commit ff3950ce98
3 changed files with 132 additions and 0 deletions
--- a/javascript/ql/src/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll
@@ -96,4 +96,45 @@ module XssThroughDom {
      e = operand
    }
  }
+
+  /**
+   * A module for form inputs seen as sources for xss-through-dom.
+   */
+  module Forms {
+    /**
+     * A reference to an import of `Formik`.
+     */
+    private DataFlow::SourceNode formik() {
+      result = DataFlow::moduleImport("formik")
+      or
+      result = DataFlow::globalVarRef("Formik")
+    }
+
+    /**
+     * An object containing input values from a form build with `Formik`.
+     */
+    class FormikSource extends Source {
+      FormikSource() {
+        exists(JSXElement elem |
+          formik().getAPropertyRead("Formik").flowsToExpr(elem.getNameExpr())
+        |
+          this =
+            elem.getAttributeByName(["validate", "onSubmit"])
+                .getValue()
+                .flow()
+                .getAFunctionValue()
+                .getParameter(0)
+        )
+        or
+        this =
+          formik()
+              .getAMemberCall("withFormik")
+              .getOptionArgument(0, ["validate", "handleSubmit"])
+              .getAFunctionValue()
+              .getParameter(0)
+        or
+        this = formik().getAMemberCall("useFormikContext").getAPropertyRead("values")
+      }
+    }
+  }
 }