Alessio Della Libera
|
1b50477fae
|
Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2020-09-01 20:55:44 +02:00 |
|
Alessio Della Libera
|
44e728016b
|
Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2020-09-01 20:54:58 +02:00 |
|
Erik Krogh Kristensen
|
6cbdc7ad8f
|
autoformat
|
2020-09-01 20:16:49 +02:00 |
|
Erik Krogh Kristensen
|
2628c05e43
|
split out comment over multiple lines
|
2020-09-01 13:12:44 +02:00 |
|
Erik Krogh Kristensen
|
c6947320ea
|
use isAsyncOrGenerator instead of isOrdinary
|
2020-09-01 13:11:44 +02:00 |
|
Arthur Baars
|
aedfa47cb4
|
Add missing QHelp files
|
2020-09-01 12:46:57 +02:00 |
|
Erik Krogh Kristensen
|
f7edf28d0d
|
allow mailto links in js/unsafe-external-link
|
2020-08-31 16:01:28 +02:00 |
|
Max Schaefer
|
22ccae6006
|
JavaScript: Make PromiseFlow module public.
|
2020-08-31 11:55:10 +01:00 |
|
ubuntu
|
104c9b5dac
|
Move sinks into separate classes
|
2020-08-29 11:24:58 +02:00 |
|
Alessio Della Libera
|
8f98723822
|
Update javascript/ql/src/experimental/Security/CWE-090/LdapInjectionCustomizations.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2020-08-29 11:18:41 +02:00 |
|
Erik Krogh Kristensen
|
f4060723bb
|
add stats for new properties
|
2020-08-28 12:43:26 +02:00 |
|
Erik Krogh Kristensen
|
038cca814a
|
Merge branch 'main' into ts4
|
2020-08-28 10:27:49 +02:00 |
|
CodeQL CI
|
80cb8be405
|
Merge pull request #4155 from asger-semmle/js/lower-duplicate-element-id-precision
Approved by esbena
|
2020-08-28 08:52:58 +01:00 |
|
CodeQL CI
|
ac94869978
|
Merge pull request #3978 from dellalibera/js/insecure-cookies
Approved by esbena
|
2020-08-28 08:31:38 +01:00 |
|
Asger Feldthaus
|
e7a0bc6be6
|
JS: Lower precision of ambiguous HTML ID attribute
|
2020-08-27 15:51:34 +01:00 |
|
Esben Sparre Andreasen
|
9aa1404646
|
JS: fix formatting of InsecureCookie.qll
|
2020-08-27 09:44:45 +02:00 |
|
Esben Sparre Andreasen
|
67278d9c93
|
Merge pull request #4141 from esbena/js/clarify-sanitization
JS: make sanitization a "common" technique rather than "important"
|
2020-08-27 08:08:17 +02:00 |
|
ubuntu
|
736f76b685
|
Simplify getQueryCall
|
2020-08-27 02:12:17 +02:00 |
|
ubuntu
|
30e7f958a8
|
Highlight API call
|
2020-08-27 01:42:16 +02:00 |
|
ubuntu
|
7eeec0d765
|
Correct typo example
|
2020-08-27 01:07:13 +02:00 |
|
ubuntu
|
cbe879ae73
|
Correct typo examples
|
2020-08-27 01:05:49 +02:00 |
|
ubuntu
|
68ff480892
|
Update .qhelp
|
2020-08-27 00:51:08 +02:00 |
|
ubuntu
|
13f443d2c3
|
Update getLdapjsClientDNMethodName
|
2020-08-27 00:48:29 +02:00 |
|
Alessio Della Libera
|
616113aeff
|
Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2020-08-27 00:47:29 +02:00 |
|
ubuntu
|
94bd9c6d3e
|
Rename LdapjsDN to LdapjsDNArgument and add it as Sink
|
2020-08-27 00:43:38 +02:00 |
|
ubuntu
|
7d36b3b4d2
|
Correct typo
|
2020-08-27 00:26:54 +02:00 |
|
ubuntu
|
2305a642eb
|
Correct typo
|
2020-08-27 00:24:50 +02:00 |
|
Alessio Della Libera
|
23287aacee
|
Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2020-08-27 00:17:55 +02:00 |
|
Alessio Della Libera
|
f12ac8ca60
|
Update javascript/ql/src/experimental/Security/CWE-090/Ldapjs.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2020-08-27 00:17:33 +02:00 |
|
ubuntu
|
cd1d50b637
|
Update expected output
|
2020-08-26 23:50:15 +02:00 |
|
Alessio Della Libera
|
dcf51c75e9
|
Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.ql
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
|
2020-08-26 23:33:52 +02:00 |
|
Esben Sparre Andreasen
|
d27442e846
|
Apply suggestions from code review
Co-authored-by: Felicity Chapman <felicitymay@github.com>
|
2020-08-26 20:18:54 +02:00 |
|
Esben Sparre Andreasen
|
89305865d0
|
JS: make sanitization a "common" technique rather than "important"
|
2020-08-26 15:41:54 +02:00 |
|
Erik Krogh Kristensen
|
61427393be
|
add qldoc to Generators.qll file
|
2020-08-26 09:11:39 +02:00 |
|
Alessio Della Libera
|
57f3c73d3d
|
Update javascript/ql/src/experimental/Security/CWE-090/LdapInjectionCustomizations.qll
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2020-08-26 02:08:31 +02:00 |
|
Alessio Della Libera
|
6979c394fe
|
Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2020-08-26 02:08:18 +02:00 |
|
Alessio Della Libera
|
355c7bc3b5
|
Update javascript/ql/src/experimental/Security/CWE-090/LdapInjection.qhelp
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2020-08-26 02:08:08 +02:00 |
|
Alessio Della Libera
|
e027c8cc13
|
Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
|
2020-08-26 01:48:05 +02:00 |
|
Alessio Della Libera
|
a1f64e26cf
|
Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
|
2020-08-26 01:47:52 +02:00 |
|
Alessio Della Libera
|
3bd7615a75
|
Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
|
2020-08-26 01:47:37 +02:00 |
|
Alessio Della Libera
|
57cf447188
|
Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
|
2020-08-26 01:46:59 +02:00 |
|
Erik Krogh Kristensen
|
e6bfffaed3
|
update basic-block on ExceptionalFunctionReturnNode and FunctionReturnNode
|
2020-08-25 20:09:41 +02:00 |
|
Erik Krogh Kristensen
|
840f30f7bc
|
add basic-block test to dataflow tests
|
2020-08-25 20:09:36 +02:00 |
|
Erik Krogh Kristensen
|
90422fe705
|
add support for delegating yield
|
2020-08-25 20:05:53 +02:00 |
|
Erik Krogh Kristensen
|
6a07e1e82b
|
add more passing tests
|
2020-08-25 20:04:35 +02:00 |
|
Erik Krogh Kristensen
|
afaaea8922
|
support basic generators
|
2020-08-25 20:04:30 +02:00 |
|
Erik Krogh Kristensen
|
592ed8a3a1
|
remove ordinary return flow from generator functions
|
2020-08-25 14:02:57 +02:00 |
|
CodeQL CI
|
722b1a24f6
|
Merge pull request #4087 from erik-krogh/thisJsx
Approved by asgerf
|
2020-08-25 10:20:32 +01:00 |
|
CodeQL CI
|
844abc51e8
|
Merge pull request #4108 from erik-krogh/packType
Approved by asgerf
|
2020-08-25 10:17:28 +01:00 |
|
Erik Krogh Kristensen
|
b0d4e79653
|
split out trap tests to avoid "package.json" naming conflict in trap test
|
2020-08-24 21:36:34 +02:00 |
|