Asger F
939eab2c82
JS: refactor expressions to dataflow nodes
2019-02-15 14:28:06 +00:00
Asger F
8d78731ff0
JS: rename getNamespaceId to getClosureNamespace
2019-02-15 14:28:06 +00:00
Asger F
8c96f5f037
JS: tweak global flow for closure modules
2019-02-15 12:05:35 +00:00
semmle-qlci
26525fc1b5
Merge pull request #929 from asger-semmle/typescript-no-expansion
...
Approved by xiemaisi
2019-02-13 18:20:41 +00:00
semmle-qlci
92a6e7e04c
Merge pull request #932 from asger-semmle/cookbook-prepare
...
Approved by xiemaisi
2019-02-13 18:20:09 +00:00
Asger F
dfe3f254de
JS: generalize to include default imports
2019-02-13 18:03:57 +00:00
Asger F
d793427630
JS: treat +/- equally in suffix check query
2019-02-13 15:55:19 +00:00
Max Schaefer
5b2df068d3
Merge pull request #921 from asger-semmle/class-node-absval
...
JS: use type inference to back up function-style classes
2019-02-13 10:12:20 +00:00
semmle-qlci
c422ade739
Merge pull request #927 from xiemaisi/js/ambiguous-id-attr-templates
...
Approved by esben-semmle
2019-02-13 08:35:41 +00:00
Asger F
d532815efe
JS: remove unused predicate
2019-02-12 17:34:21 +00:00
Asger F
be10f24de7
JS: make moduleImport() work for named imports
2019-02-12 17:22:06 +00:00
Max Schaefer
2fce626c3a
JavaScript: Add Range.prototype.createContextualFragment as an XSS sink.
2019-02-12 16:32:30 +00:00
Max Schaefer
41eb1ff9d0
JavaScript: Drop precision of AmbiguousIdAttribute to 'high'.
2019-02-12 16:31:29 +00:00
Max Schaefer
25f95d9fb1
JavaScript: Be more conservative about templates in AmbiguousIdAttribute.
...
Previously, we only excluded attributes where the value of the attribute itself suggests templating happening. Now we exclude all attributes in documents where _any_ attribute value suggests templating.
2019-02-12 16:31:01 +00:00
Anders Schack-Mulligen
15a6044445
Javascript: Autoformat qlls
2019-02-12 14:41:31 +01:00
Asger F
3290c174c3
JS: Add DataFlow::Node.getAFunctionValue
2019-02-12 13:38:46 +00:00
Asger F
2fd1ee60a2
JS: add DataFlow::Node.getIntValue()
2019-02-12 13:38:46 +00:00
Asger F
0fd9d157f8
JS: add DataFlow::Node.getStringValue()
2019-02-12 13:38:45 +00:00
Anders Schack-Mulligen
1182fca665
Javascript: Autoformat qls
2019-02-12 14:38:42 +01:00
semmle-qlci
c133362660
Merge pull request #910 from xiemaisi/js/regexp-taint
...
Approved by esben-semmle
2019-02-12 13:15:16 +00:00
Asger F
0444fa307d
TS: update test expectations
2019-02-12 12:33:09 +00:00
Asger F
7a813cfb84
TS: disable type expansion by default
2019-02-12 12:21:11 +00:00
semmle-qlci
ac3f413b87
Merge pull request #920 from xiemaisi/js/field-as-prop-write
...
Approved by asger-semmle
2019-02-12 10:48:13 +00:00
semmle-qlci
10b00254ec
Merge pull request #915 from asger-semmle/closure-uri-methods
...
Approved by xiemaisi
2019-02-11 10:51:07 +00:00
Max Schaefer
10ef945b51
JavaScript: Restrict InstanceFieldAsPropWrite to fields with initializers.
2019-02-11 08:17:53 +00:00
semmle-qlci
986afa1b1b
Merge pull request #909 from xiemaisi/js/improve-incomplete-sanitization-alerts
...
Approved by esben-semmle
2019-02-08 17:39:36 +00:00
semmle-qlci
232d81a4ed
Merge pull request #908 from xiemaisi/js/enable-ms-queries
...
Approved by esben-semmle
2019-02-08 17:38:27 +00:00
Asger F
74a9c4b500
JS: use type inference to back up function-style classes
2019-02-08 16:42:24 +00:00
Asger F
f6e0ccfcf0
JS: model URI and XHR methods from closure library
2019-02-08 15:18:27 +00:00
Asger F
fd2e9f1fcb
JS: shift line numbers in RequestForgery test
2019-02-08 15:13:33 +00:00
semmle-qlci
937049e060
Merge pull request #891 from xiemaisi/js/simplify-sensitive-actions
...
Approved by esben-semmle
2019-02-08 14:12:47 +00:00
semmle-qlci
7e298cfbbe
Merge pull request #900 from esben-semmle/js/defuse-default
...
Approved by xiemaisi
2019-02-08 11:28:32 +00:00
semmle-qlci
a48594ad8e
Merge pull request #906 from asger-semmle/q-library
...
Approved by xiemaisi
2019-02-08 11:12:50 +00:00
Asger F
bfe88e9784
JS: make Closure::moduleImport handle member access.
2019-02-08 10:51:07 +00:00
Max Schaefer
b314c546e1
JavaScript: Track taint through RegExp.prototype.replace.
2019-02-08 09:57:07 +00:00
Max Schaefer
25d06ad0cf
JavaScript: Treat regexp replacements of HTML metacharacters as sanitizers for XSS queries.
2019-02-08 09:57:06 +00:00
Max Schaefer
18c23ecfd4
JavaScript: Introduce shared library for modelling XSS-relevant concepts.
...
As its first application, this library makes it possible for `StoredXss` to reuse the `Source` classes of `DomBasedXss` and `ReflectedXss` without having to pull in their libraries (which contain their `Configuration` classes, causing `StoredXss` to recompute all flow information for the other two queries).
2019-02-08 09:53:51 +00:00
Max Schaefer
3e26bc6446
JavaScript: Improve alert location and message for IncompleteSanitization.
...
We now highlight the `replace` call (instead of the regular expression), and the alert message for the case of missing backslash escapes clarifies that it is talking about failure to escape backslashes in the input, not in the replacement text.
2019-02-08 09:13:40 +00:00
Max Schaefer
aebc5bc6c3
JavaScript: Update qhelp example for CleartextStorage.
2019-02-08 08:43:22 +00:00
Max Schaefer
0be81dacdc
JavaScript: Add classification of sensitive expressions.
...
We now classify sensitive expressions into four categories (secret, id, password, certificate). This allows queries more fine-grained control over what kinds of sensitive data they want to deal with: for clear-text storage, for instance, user ids aren't so much of a problem.
2019-02-08 08:43:22 +00:00
Max Schaefer
6389f32847
JavaScript: Update expected output for ExtractSinkSummaries query.
2019-02-08 08:43:22 +00:00
Max Schaefer
326b93bf84
JavaScript: Clean up classification of sensitive strings.
2019-02-08 08:43:22 +00:00
Asger F
9dae08bbcf
JS: fix javadoc
2019-02-07 13:53:29 +00:00
Asger F
c2321045f2
TS: fix import of q.d.ts in test case
2019-02-07 12:37:54 +00:00
Asger F
6cc30fe732
JS: add stats for new relations
2019-02-07 12:00:53 +00:00
Asger F
e4b230ba60
Revert "Merge pull request #897 from Semmle/revert-817-closure-modules"
...
This reverts commit 95185345fdb8be66ec48
2019-02-07 11:58:38 +00:00
Esben Sparre Andreasen
5ad83360be
JS: move default parameter values to the DefUse graph
2019-02-07 11:41:36 +01:00
Esben Sparre Andreasen
65530c5edf
JS: add test for js/useless-comparison-test
2019-02-07 11:41:36 +01:00
Esben Sparre Andreasen
55fd948c24
JS: add test for js/trivial-conditional
2019-02-07 11:41:36 +01:00
Esben Sparre Andreasen
f956e570cb
JS: support default destructuring values in the dataflow graph
2019-02-07 11:41:36 +01:00
