codeql

mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00

Author	SHA1	Message	Date
Asger F	f6e0ccfcf0	JS: model URI and XHR methods from closure library	2019-02-08 15:18:27 +00:00
Asger F	fd2e9f1fcb	JS: shift line numbers in RequestForgery test	2019-02-08 15:13:33 +00:00
semmle-qlci	937049e060	Merge pull request #891 from xiemaisi/js/simplify-sensitive-actions Approved by esben-semmle	2019-02-08 14:12:47 +00:00
Max Schaefer	25d06ad0cf	JavaScript: Treat regexp replacements of HTML metacharacters as sanitizers for XSS queries.	2019-02-08 09:57:06 +00:00
Max Schaefer	18c23ecfd4	JavaScript: Introduce shared library for modelling XSS-relevant concepts. As its first application, this library makes it possible for `StoredXss` to reuse the `Source` classes of `DomBasedXss` and `ReflectedXss` without having to pull in their libraries (which contain their `Configuration` classes, causing `StoredXss` to recompute all flow information for the other two queries).	2019-02-08 09:53:51 +00:00
Max Schaefer	3e26bc6446	JavaScript: Improve alert location and message for `IncompleteSanitization`. We now highlight the `replace` call (instead of the regular expression), and the alert message for the case of missing backslash escapes clarifies that it is talking about failure to escape backslashes in the input, not in the replacement text.	2019-02-08 09:13:40 +00:00
Max Schaefer	aebc5bc6c3	JavaScript: Update qhelp example for `CleartextStorage`.	2019-02-08 08:43:22 +00:00
Max Schaefer	6389f32847	JavaScript: Update expected output for `ExtractSinkSummaries` query.	2019-02-08 08:43:22 +00:00
semmle-qlci	b4b37b3a7b	Merge pull request #880 from esben-semmle/js/better-alert-message-1 Approved by xiemaisi	2019-02-07 08:01:21 +00:00
semmle-qlci	a2691b32b5	Merge pull request #851 from xiemaisi/js/post-message-star Approved by esben-semmle	2019-02-06 09:57:04 +00:00
Esben Sparre Andreasen	b72441f9c2	JS: use StringOps:: in js/incomplete-url-substring-sanitization	2019-02-05 15:17:55 +01:00
Max Schaefer	b87abc9602	JavaScript: Extend `suspiciousCredentials` predicate to recognise `authKey` and similar.	2019-01-31 09:03:23 +00:00
Max Schaefer	87e62f0bd5	JavaScript: Teach `PostMessageStar` to reason about partially tainted objects.	2019-01-31 08:59:47 +00:00
Max Schaefer	aeb8cc62b2	JavaScript: Reclassify `PostMessageStar` as CWE-201.	2019-01-31 08:08:52 +00:00
Esben Sparre Andreasen	cfc53ade69	JS: add more tests for js/incomplete-url-substring-sanitization	2019-01-30 12:57:03 +01:00
Max Schaefer	769e407c24	JavaScript: Add new query `PostMessageStar`.	2019-01-30 10:26:43 +00:00
Asger F	3245142203	JS: Dont flag empty string as hardcoded username	2019-01-28 13:01:52 +00:00
semmle-qlci	5bc17923b1	Merge pull request #665 from asger-semmle/js-property-concat-sanitizer Approved by esben-semmle, xiemaisi	2019-01-16 08:44:55 +00:00
semmle-qlci	8655e5ae17	Merge pull request #768 from xiemaisi/js/call-summaries Approved by asger-semmle	2019-01-16 08:35:31 +00:00
Asger F	f4c89601ff	JS: fix typo	2019-01-14 15:34:01 +00:00
Asger F	ad6add383c	JS: improve concatenation-sanitizer for property injection	2019-01-14 15:34:01 +00:00
semmle-qlci	04c15028ab	Merge pull request #750 from aschackmull/javascript/autoformat Approved by xiemaisi	2019-01-11 16:35:38 +00:00
semmle-qlci	b0dd3dfeb1	Merge pull request #502 from xiemaisi/js/summaries Approved by asger-semmle	2019-01-11 10:27:03 +00:00
Max Schaefer	f9d704bdcf	JavaScript: Add example of indirect command injection.	2019-01-11 10:24:41 +00:00
Anders Schack-Mulligen	e58094c732	Javascript: Autoformat.	2019-01-11 11:02:42 +01:00
Max Schaefer	583734a4e2	JavaScript: Fix semantic merge conflict. https://github.com/Semmle/ql/pull/698 removed `document.cookie` as a remote flow source, which some of the tests relied on. We now use `location.search` instead.	2019-01-09 16:09:06 +00:00
Max Schaefer	97e6c75b94	JavaScript: Remove a few other deprecated predicates and classes.	2019-01-09 09:23:59 +00:00
Max Schaefer	8f1c5db8be	JavaScript: Change encoding of member and parameter portals for readability.	2019-01-09 09:10:45 +00:00
Max Schaefer	132570940a	JavaScript: Add support for annotation comments specifying additional sources and sinks.	2019-01-09 09:09:58 +00:00
Max Schaefer	f4fed3657d	JavaScript: Add flow summary extraction queries.	2019-01-09 09:09:58 +00:00
Max Schaefer	b4f400fb23	Merge remote-tracking branch 'upstream/next' into qlucie/master	2019-01-04 10:35:57 +00:00
Esben Sparre Andreasen	c57f8a6d6e	Merge pull request #691 from asger-semmle/sendfile-root JS: Recognize 'root' option in Express res.sendFile	2018-12-19 16:06:15 +01:00
semmle-qlci	495a1fcf3b	Merge pull request #698 from asger-semmle/remove-cookie-as-source Approved by esben-semmle	2018-12-19 15:05:44 +00:00
semmle-qlci	b11b714152	Merge pull request #696 from esben-semmle/js/host-request-forgery Approved by asger-semmle	2018-12-19 15:04:08 +00:00
Asger F	ce18aca62b	JS: update expected output	2018-12-19 11:30:46 +00:00
Asger F	0e40717358	JS: recognize res.sendfile root option	2018-12-19 10:25:15 +00:00
Asger F	f84301e476	JS: add tests with res.sendFile root option	2018-12-19 10:25:15 +00:00
Asger F	7f538e82c0	JS: add test case for non-whitelisted use of location	2018-12-18 13:55:05 +00:00
Asger F	02978c97f1	JS: whitelist $(location) in simple cases	2018-12-18 13:11:42 +00:00
Asger F	c17eca90a1	JS: add test case for $(location)	2018-12-18 13:06:12 +00:00
Jonas Jensen	5ac5aa0c2a	Merge remote-tracking branch 'upstream/master' into mergeback-20181217	2018-12-17 13:42:45 +01:00
Asger F	7adf1d9958	Merge pull request #631 from esben-semmle/js/bad-url-regexing JS: add query: js/incomplete-url-regexp	2018-12-17 11:53:22 +00:00
Esben Sparre Andreasen	c6b4e29b93	JS: add "host" as a sink for `js/request-forgery`	2018-12-17 10:32:30 +01:00
Aditya Sharad	f71e5ac338	Merge master into next.	2018-12-13 17:57:31 +00:00
Max Schaefer	e194021c3b	Merge pull request #629 from esben-semmle/js/persistent-read-taint JS: add persistent storage taint steps	2018-12-13 08:24:42 +00:00
Max Schaefer	e8c8360ad1	Merge pull request #659 from esben-semmle/js/more-constant-string-usage JS: replace StringLiteral with ConstantString in two queries	2018-12-13 08:19:22 +00:00
Aditya Sharad	f92456fcad	Merge master into next. Conflict in `cpp/ql/test/library-tests/sideEffects/functions/sideEffects.expected`, resolved by accepting test output (combining changes).	2018-12-12 17:26:18 +00:00
Asger F	a96c53f9b8	JS: restrict when a variable reference is considered a source	2018-12-12 12:28:26 +00:00
Esben Sparre Andreasen	376ed7a4d2	JS: generalize js/command-line-injection to handle ConstantString	2018-12-11 13:39:15 +01:00
Esben Sparre Andreasen	a1d92bfa50	JS: generalize js/incomplete-sanitization to handle ConstantString	2018-12-11 13:39:15 +01:00

... 18 19 20 21 22 ...

1112 Commits