hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,029 Commits 1,671 Branches 157 Tags
z80coder/query-pack-release-candidate-2
Commit Graph

13 Commits

Author SHA1 Message Date
Erik Krogh Kristensen
87c0c60c22 don't report dummy authentication headers as hardcoded-crendentials 2021-08-02 22:56:14 +02:00
Erik Krogh Kristensen
5ecae55e77 add keys used by jsonwebtoken as CredentialsExpr 2020-11-10 10:41:39 +01:00
Erik Krogh Kristensen
d814e73023 update comment position to match alert location for CWE-798 2020-07-08 10:12:12 +02:00
Erik Krogh Kristensen
a1940979ba support credentials in a Buffer 2020-06-03 12:02:00 +02:00
Erik Krogh Kristensen
ba44ebe8a8 better support for browser based fetch API 2020-06-03 11:51:24 +02:00
Erik Krogh Kristensen
3622fb8716 support more variants of the Headers API 2020-06-03 11:50:10 +02:00
Erik Krogh Kristensen
3c802007a3 add support for string concatenations and base64-encoding of hardcoded credentials 2020-06-02 23:15:13 +02:00
Erik Krogh Kristensen
b6dc94fccb add fetch.Headers.Authorization as a CredentialsExpr 2020-06-02 23:02:16 +02:00
Esben Sparre Andreasen
a5645e168a JS: exclude keys from whitelist 2019-09-16 10:13:18 +02:00
Esben Sparre Andreasen
aa3f4a7048 JS: change passwords in tests 2019-09-16 10:09:59 +02:00
Asger F
378b0bfb74 JS: Do not treat the empty string as a credential 2019-07-30 17:29:12 +01:00
Asger F
3245142203 JS: Dont flag empty string as hardcoded username 2019-01-28 13:01:52 +00:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00