hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,879 Commits 1,672 Branches 157 Tags
rc/1.24
Commit Graph

17 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
58af63d8cc add test case for XSS on url suffix 2020-03-27 10:02:24 +01:00
Erik Krogh Kristensen
76aca02752 change the pseudo-property on URL to a two-stage process 2020-02-05 10:27:03 +01:00
Erik Krogh Kristensen
8d37c03209 using pseudo-properties to model URL parsing 2020-02-04 16:30:07 +01:00
Erik Krogh Kristensen
6494649125 fix a number of FPs in js/exception-xss 2020-01-20 15:11:57 +01:00
Asger F
2acd616e6f JS: Review comments 2019-12-06 11:53:06 +00:00
Asger F
a6e75259d6 JS: More fine-grained regexp-based sanitizer guards 2019-12-06 11:49:59 +00:00
Erik Krogh Kristensen
f284b3a2bb Merge remote-tracking branch 'upstream/master' into exceptionXss 2019-11-26 10:54:04 +01:00
Erik Krogh Kristensen
7d825af9a3 Added an XSS sink for Handlebars.SafeString 2019-11-22 15:56:21 +01:00
Erik Krogh Kristensen
94e9c0203d add test for exceptional taint-flow 2019-11-21 17:16:13 +01:00
Max Schaefer
8b3e647ae9 JavaScript: Do not taint for-in loop variable. 2019-07-23 10:52:55 +01:00
Asger F
9046fd15f7 JS: Update expected output of XSS query (benign) 2019-05-23 08:56:01 +01:00
Max Schaefer
2fce626c3a JavaScript: Add Range.prototype.createContextualFragment as an XSS sink. 2019-02-12 16:32:30 +00:00
Asger F
7f538e82c0 JS: add test case for non-whitelisted use of location 2018-12-18 13:55:05 +00:00
Asger F
02978c97f1 JS: whitelist $(location) in simple cases 2018-12-18 13:11:42 +00:00
Asger F
c17eca90a1 JS: add test case for $(location) 2018-12-18 13:06:12 +00:00
Asger F
a96c53f9b8 JS: restrict when a variable reference is considered a source 2018-12-12 12:28:26 +00:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00