Asger Feldthaus
b9b10af9b5
JS: Tolerate parse errors in test due to speculative parsing
2021-08-11 12:54:22 +02:00
Erik Krogh Kristensen
f719e0ca1b
remove nunjucks template URLs from the target-blank query
2021-08-02 22:46:59 +02:00
Asger F
b8e1987cad
Update javascript/ql/test/query-tests/DOM/HTML/DuplicateAttributes.html
...
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com >
2021-02-22 10:08:56 +00:00
Asger Feldthaus
e964771e9c
JS: Add test
2021-02-22 09:47:21 +00:00
Erik Krogh Kristensen
d6dc4bb655
allow flask url_for urls in TargetBlank.ql
2020-10-05 21:40:24 +02:00
Erik Krogh Kristensen
d946a61d6e
update expected output
2020-09-03 13:32:54 +02:00
Erik Krogh Kristensen
f0a0f41c3c
allow urls that are prefixed with # or ? in js/unsafe-external-link
2020-09-02 10:19:42 +02:00
Erik Krogh Kristensen
f7edf28d0d
allow mailto links in js/unsafe-external-link
2020-08-31 16:01:28 +02:00
Max Schaefer
5681565d4a
JavaScript: Move --html elements extractor options into options file.
2019-11-06 13:01:28 +00:00
Max Schaefer
25f95d9fb1
JavaScript: Be more conservative about templates in AmbiguousIdAttribute.
...
Previously, we only excluded attributes where the value of the attribute itself suggests templating happening. Now we exclude all attributes in documents where _any_ attribute value suggests templating.
2019-02-12 16:31:01 +00:00
Max Schaefer
0a2df6c00d
JavaScript: Highlight id attribute (not entire element) in AmbiguousIdAttribute.
2019-01-02 11:44:02 +00:00
Max Schaefer
c1690a69e5
JavaScript: Make TargetBlank only highlight the first line of the link.
...
Otherwise alerts for multi-line `<a>` elements end up looking very red.
I also took the opportunity to improve the tests slightly.
2018-11-20 12:53:27 +00:00
Max Schaefer
886329689f
JavaScript: Teach globalVarRef about top-level this and the global npm package.
2018-08-14 09:15:15 +01:00
Pavel Avgustinov
b55526aa58
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
