6335 Commits

Author	SHA1	Message	Date
ubuntu	cbe879ae73	Correct typo examples	2020-08-27 01:05:49 +02:00
ubuntu	68ff480892	Update .qhelp	2020-08-27 00:51:08 +02:00
ubuntu	13f443d2c3	Update getLdapjsClientDNMethodName	2020-08-27 00:48:29 +02:00
Alessio Della Libera	616113aeff	Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-27 00:47:29 +02:00
ubuntu	94bd9c6d3e	Rename LdapjsDN to LdapjsDNArgument and add it as Sink	2020-08-27 00:43:38 +02:00
ubuntu	7d36b3b4d2	Correct typo	2020-08-27 00:26:54 +02:00
ubuntu	2305a642eb	Correct typo	2020-08-27 00:24:50 +02:00
Alessio Della Libera	23287aacee	Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-27 00:17:55 +02:00
Alessio Della Libera	f12ac8ca60	Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-27 00:17:33 +02:00
ubuntu	cd1d50b637	Update expected output	2020-08-26 23:50:15 +02:00
Alessio Della Libera	dcf51c75e9	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.ql ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 23:33:52 +02:00
Esben Sparre Andreasen	d27442e846	Apply suggestions from code review ... Co-authored-by: Felicity Chapman <felicitymay@github.com>	2020-08-26 20:18:54 +02:00
Esben Sparre Andreasen	89305865d0	JS: make sanitization a "common" technique rather than "important"	2020-08-26 15:41:54 +02:00
Erik Krogh Kristensen	61427393be	add qldoc to Generators.qll file	2020-08-26 09:11:39 +02:00
Alessio Della Libera	57f3c73d3d	Update javascript/ql/src/experimental/Security/CWE-090/LdapInjectionCustomizations.qll ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-26 02:08:31 +02:00
Alessio Della Libera	6979c394fe	Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-26 02:08:18 +02:00
Alessio Della Libera	355c7bc3b5	Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp ... Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>	2020-08-26 02:08:08 +02:00
Alessio Della Libera	e027c8cc13	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 01:48:05 +02:00
Alessio Della Libera	a1f64e26cf	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 01:47:52 +02:00
Alessio Della Libera	3bd7615a75	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 01:47:37 +02:00
Alessio Della Libera	57cf447188	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-26 01:46:59 +02:00
Erik Krogh Kristensen	e6bfffaed3	update basic-block on ExceptionalFunctionReturnNode and FunctionReturnNode	2020-08-25 20:09:41 +02:00
Erik Krogh Kristensen	90422fe705	add support for delegating yield	2020-08-25 20:05:53 +02:00
Erik Krogh Kristensen	afaaea8922	support basic generators	2020-08-25 20:04:30 +02:00
Erik Krogh Kristensen	592ed8a3a1	remove ordinary return flow from generator functions	2020-08-25 14:02:57 +02:00
CodeQL CI	722b1a24f6	Merge pull request #4087 from erik-krogh/thisJsx ... Approved by asgerf	2020-08-25 10:20:32 +01:00
ubuntu	22f5ae4ad4	Format code	2020-08-24 18:53:37 +02:00
CodeQL CI	e2c6a01c00	Merge pull request #4097 from erik-krogh/createRequire ... Approved by esbena	2020-08-24 15:57:10 +01:00
Erik Krogh Kristensen	eb84f97e7f	Merge branch 'main' into ts4	2020-08-24 12:20:48 +02:00
ubuntu	3e97ec85b2	Add CodeQL to detect LDAP Injection in JS	2020-08-23 15:24:29 +02:00
Erik Krogh Kristensen	db57f3661e	Merge branch 'main' into ts4	2020-08-21 15:08:30 +02:00
Erik Krogh Kristensen	65a1769d43	Merge branch 'main' into asyncCalls	2020-08-21 14:58:27 +02:00
Erik Krogh Kristensen	bbbb0a2c5e	specialize module.createRequire support to ES2015 modules	2020-08-21 14:14:05 +02:00
Erik Krogh Kristensen	906705f84c	add SourceNode example to the TrackedNode deprecation description	2020-08-20 15:01:40 +02:00
Erik Krogh Kristensen	fe41521e0c	add tutorial for how to get around TrackedNodes deprecation	2020-08-20 12:46:17 +02:00
Erik Krogh Kristensen	8f68f512df	deprecate TrackedNodes.qll	2020-08-20 11:26:22 +02:00
Erik Krogh Kristensen	3d5c1560e4	basic support for .cjs files	2020-08-19 10:53:57 +02:00
Erik Krogh Kristensen	1e65ed2228	support module.createRequire	2020-08-18 14:43:03 +02:00
Erik Krogh Kristensen	83ed41b247	move indices comment into plain comment	2020-08-17 15:43:52 +02:00
CodeQL CI	c917cd02bd	Merge pull request #4054 from erik-krogh/urlIncludes ... Approved by esbena	2020-08-17 13:54:25 +01:00
Erik Krogh Kristensen	6f28ddf1f8	proper support for this inside a JSX-name	2020-08-17 14:23:42 +02:00
ubuntu	8ec91ef0c6	Change polarity predicate isInsecure	2020-08-16 15:23:29 +02:00
ubuntu	3e9142bf71	Remove examples	2020-08-16 14:58:37 +02:00
ubuntu	2a322976c6	Changed .qhelp	2020-08-16 14:57:04 +02:00
ubuntu	91d44854c0	Replace class and module name	2020-08-16 14:53:31 +02:00
ubuntu	d4b231b867	Replace regex	2020-08-16 14:48:26 +02:00
ubuntu	e2908026c5	Remove redundancy	2020-08-16 14:41:55 +02:00
Alessio Della Libera	1ba39e4130	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-16 14:34:19 +02:00
Alessio Della Libera	05ffd672d7	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-16 14:33:38 +02:00
Alessio Della Libera	ab20beba56	Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll ... Co-authored-by: Esben Sparre Andreasen <esbena@github.com>	2020-08-16 14:32:51 +02:00