Esben Sparre Andreasen
|
1bc73ab592
|
JS: address review comments
|
2018-12-11 13:03:17 +01:00 |
|
Esben Sparre Andreasen
|
ab519d4abf
|
JS: rename query
"Incomplete URL regular expression" -> "Incomplete regular expression for hostnames".
|
2018-12-10 22:22:54 +01:00 |
|
Esben Sparre Andreasen
|
7c6e28d917
|
JS: introduce near-empty RegularExpressions.qll
|
2018-12-10 22:22:54 +01:00 |
|
Esben Sparre Andreasen
|
994fe1bea5
|
JS: address non-semantic review comments
|
2018-12-10 22:21:02 +01:00 |
|
Esben Sparre Andreasen
|
d4e4bc6a0b
|
JS: sharpen js/incomplete-url-regexp by not matching .* or .+
|
2018-12-10 22:21:02 +01:00 |
|
Esben Sparre Andreasen
|
52ca696ff4
|
JS: add query js/incomplete-url-regexp
|
2018-12-10 22:20:29 +01:00 |
|
semmle-qlci
|
9e73ed71b9
|
Merge pull request #623 from esben-semmle/js/incomplete-url-sanitization
Approved by mc-semmle
|
2018-12-06 20:46:37 +00:00 |
|
Esben Sparre Andreasen
|
4f53411397
|
JS: recognize HTTP URLs in js/incomplete-url-sanitization
|
2018-12-06 15:53:20 +01:00 |
|
Esben Sparre Andreasen
|
229eea00dc
|
JS: add query js/incomplete-url-substring-sanitization
|
2018-12-06 15:53:20 +01:00 |
|
semmle-qlci
|
3397533045
|
Merge pull request #628 from xiemaisi/js/setUnsafeHTML
Approved by esben-semmle
|
2018-12-06 13:58:52 +00:00 |
|
Max Schaefer
|
ef347b3870
|
JavaScript: Teach Xss query about WinJS HTML injection functions.
|
2018-12-06 09:13:21 +00:00 |
|
Asger F
|
7121a18eba
|
JS: address comments
|
2018-12-04 10:40:43 +00:00 |
|
Asger F
|
1130d0c6f9
|
JS: add comment about arrays
|
2018-12-03 11:23:02 +00:00 |
|
Asger F
|
374f7ab65d
|
JS: address comments
|
2018-12-03 11:23:02 +00:00 |
|
Asger F
|
c4d7672ea7
|
JS: fix typo in method name
|
2018-12-03 11:23:02 +00:00 |
|
Asger F
|
0462eb4b50
|
JS: add IncorrectSuffixCheck query
|
2018-12-03 11:23:02 +00:00 |
|
Max Schaefer
|
10166be535
|
JavaScript: Add new query DoubleEscaping.
|
2018-11-30 09:39:00 +00:00 |
|
Max Schaefer
|
6021d2499d
|
JavaScript: Remove accidentally committed .actual file.
|
2018-11-19 12:24:19 +00:00 |
|
Max Schaefer
|
3fcd02ab0e
|
JavaScript: Rename hasPathFlow to hasFlowPath for consistency with other languages.
|
2018-11-14 11:23:17 +00:00 |
|
Max Schaefer
|
52ae757279
|
JavaScript: Select Nodes (instead of PathNodes) everywhere.
|
2018-11-14 09:16:40 +00:00 |
|
Max Schaefer
|
e365b722ee
|
JavaScript: Select source and sink in all path queries.
|
2018-11-14 09:16:40 +00:00 |
|
Max Schaefer
|
d5af008e31
|
JavaScript: Adjust ConditionalBypass query.
|
2018-11-14 09:16:40 +00:00 |
|
Max Schaefer
|
11d6259dbf
|
JavaScript: Move from Node to PathNode.
|
2018-11-14 09:16:40 +00:00 |
|
Max Schaefer
|
8d87f556e1
|
JavaScript: Add import DataFlow::PathGraph.
|
2018-11-14 09:16:40 +00:00 |
|
Max Schaefer
|
60a1357092
|
JavaScript: Make all taint-based security queries have @kind path-problem.
|
2018-11-14 09:16:40 +00:00 |
|
Max Schaefer
|
65bcf0f526
|
JavaScript: Refactor security queries for uniformity.
|
2018-11-14 09:16:40 +00:00 |
|
Max Schaefer
|
9b4ae9e4d3
|
JavaScript: Refactor HostHeaderPoisoningInEmailGeneration query.
|
2018-11-14 09:16:40 +00:00 |
|
Max Schaefer
|
c51cd50133
|
JavaScript: Remove a few unnecessary imports.
|
2018-11-14 09:16:40 +00:00 |
|
semmle-qlci
|
3c49bc6e67
|
Merge pull request #407 from asger-semmle/email-xss
Approved by xiemaisi
|
2018-11-08 10:53:10 +00:00 |
|
Asger F
|
e0d5557ef4
|
JS: add email HTML body as XSS sink
|
2018-11-07 11:31:40 +00:00 |
|
Max Schaefer
|
5ffe45a80b
|
JavaScript: Fix mixed tabs/spaces in qhelp.
|
2018-11-07 07:40:51 +00:00 |
|
Max Schaefer
|
7702b58794
|
Merge pull request #305 from asger-semmle/json-taint-kind
JS: Add flow label for tainted objects and sharpen NosqlInjection
|
2018-10-22 11:58:50 +01:00 |
|
Esben Sparre Andreasen
|
ffbbb807f4
|
JS: avoid flagging early returns in js/user-controlled-bypass
|
2018-10-16 08:39:59 +02:00 |
|
Asger F
|
d72d7345b8
|
JS: make NosqlInjection use object taint
|
2018-10-10 17:05:59 +01:00 |
|
Esben Sparre Andreasen
|
358b6c3413
|
JS: change "remote request" to "network request"
|
2018-10-10 15:34:39 +02:00 |
|
Esben Sparre Andreasen
|
e93545d16e
|
JS: address more review comments
|
2018-10-10 15:28:42 +02:00 |
|
Esben Sparre Andreasen
|
b00aa36cdc
|
JS: polish HttpToFileAccess.ql
|
2018-10-10 12:12:54 +02:00 |
|
Esben Sparre Andreasen
|
d261915598
|
JS: polish FileAccessToHttp.ql
|
2018-10-10 12:12:54 +02:00 |
|
Asger F
|
d2af4ab94a
|
Merge pull request #227 from xiemaisi/js/taint-kinds
JavaScript: Add support for state-based taint tracking.
|
2018-10-08 15:09:12 +01:00 |
|
semmle-qlci
|
98254e87e1
|
Merge pull request #132 from denislevin/denisl/js/HttpToFileAccessTest
Approved by xiemaisi
|
2018-10-04 14:06:46 +01:00 |
|
Max Schaefer
|
4e4ef520ab
|
JavaScript: Rename a predicate in CommandInjection.qll.
|
2018-10-03 15:49:02 +01:00 |
|
Denis Levin
|
e147e690ee
|
Merge branch 'master' into denisl/js/HttpToFileAccessTest
|
2018-10-02 15:13:35 -07:00 |
|
Bas van Schaik
|
c4eb6f0056
|
fix JS example based on LGTM.com alerts
1f7ef5b0d7/files/javascript/ql/src/Security/CWE-079/examples/StoredXssGood.js (x95b0280fcab9007a):1
1f7ef5b0d7/files/javascript/ql/src/Security/CWE-079/examples/StoredXss.js (xaef03a63aa3e02e4):1
|
2018-10-02 14:47:52 +01:00 |
|
Denis Levin
|
9c487bc6d9
|
Merge branch 'master'
|
2018-10-01 14:51:56 -07:00 |
|
Asger F
|
d005d7127f
|
JS: address doc review
|
2018-10-01 10:58:38 +01:00 |
|
Asger F
|
e4c8653549
|
JS: Factor RequestHeaderAccess into separate class
|
2018-09-27 16:28:58 +01:00 |
|
Asger F
|
c879654796
|
JS: add qhelp
|
2018-09-27 10:21:57 +01:00 |
|
Asger F
|
46336a5643
|
JS: Add HostHeaderPoisoningInEmailGeneration query
|
2018-09-27 10:20:35 +01:00 |
|
Denis Levin
|
8152cefa60
|
Squished changes for HttpToFileAccess commint
|
2018-09-21 16:44:01 -07:00 |
|
Asger F
|
4797924bea
|
JS: review comments
|
2018-09-21 14:46:21 +01:00 |
|