Asger F
29659647ea
JS: Fix barrier guards for ServerSideUrlRedirect
The barrier guards for ServerSideUrlRedirect were lost when it was ported to ConfigSig, and the aforementioned spurious alert was a result of that.
The query had two guards: a proper barrier guard and a heuristic one for functions named 'isLocalURL'. We should move away from the heuristic name-based sanitiser guards, so I'm only reinstating the proper barrier guard.
Therefore updating the test to test the real barrier guard.
2025-02-28 13:28:43 +01:00
Asger F
0ca9b2285b
Merge pull request #18740 from asgerf/js/more-precise-diff-informed
JS: Provide more precise related locations
2025-02-17 10:27:15 +01:00
Asger F
7e3f89842d
JS: Provide more precise related locations
2025-02-11 14:12:03 +01:00
Asger F
45242977a4
JS: Model query-string parsers that strip off ? or #
2025-02-11 10:41:23 +01:00
Paul Hodgkinson
f033f179f7
Merge branch 'main' into angular-sources-sinks
2025-01-24 15:46:48 +00:00
Asger F
1b7977bf90
Merge pull request #18466 from asgerf/js/view-component-inputs
JS: Add view-component-input threat model
2025-01-24 10:59:25 +01:00
aegilops
522f3d1337
Merge
2025-01-23 17:00:56 +00:00
Asger F
6423033db6
JS: Resolve inserted TODOs
2025-01-23 13:02:52 +01:00
Asger F
dba76a0e4d
JS: Rerun patch query after bugfix
2025-01-23 10:31:32 +01:00
Asger F
d647c7b14d
JS: Replace 'instanceof ClientSideRemoteFlowSource'
2025-01-22 10:45:49 +01:00
Asger F
3061d51b20
JS: Add ThreatModelSource#isClientSideSource()
2025-01-22 10:45:48 +01:00
Asger F
7c29ea9dda
JS: Update ExternalAPIUsedwithUntrustedData
2025-01-20 11:20:32 +01:00
Asger F
ecbd7983ba
JS: Update DifferentKindsComparisonBypassQuery.qll
2025-01-20 11:20:31 +01:00
Asger F
29da1fb6c8
JS: Update ConditionalBypassQuery.qll
2025-01-20 11:20:30 +01:00
Asger F
fd763a0883
JS: Auto-patch diff informed queries
2025-01-20 11:20:27 +01:00
Asger F
859783c08b
JS: Support [(ngModel)]
2025-01-17 10:26:57 +01:00
Asger F
97f5559e64
JS: Recognise form input from NgForm
2025-01-17 10:22:20 +01:00
Asger F
6cd9752289
Merge pull request #18467 from github/js/shared-dataflow-branch
JS: Migrate to shared data flow library (targeting main!) 🚀
2025-01-16 11:28:57 +01:00
Geoffrey White
f8659c0a4e
Sync identical files.
2025-01-10 10:26:13 +00:00
Asger F
b2d62a080b
JS: Move a test failure explanation into the test suite
We have an issue for fixing the underlying problem
2025-01-09 09:57:44 +01:00
Asger F
d9da9444fa
JS: Rephrase TODO
This is useful info, but not something that can be fixed locally in this query, so a TODO comment isn't helping
2025-01-09 09:45:39 +01:00
Asger F
a8f93cac05
JS: Remove obsolete comment
The test case actually has the correct result now
2025-01-09 09:39:32 +01:00
Asger F
dd37c474d8
JS: Remove mention of results from comments
2025-01-09 09:39:30 +01:00
Asger F
fb54a3bde8
JS: Remove obsolete TODO comment
2025-01-09 09:39:29 +01:00
Asger F
b29ee2acde
JS: Remove references to localFieldStep
These are tracked in https://github.com/github/codeql-javascript-team/issues/456
2025-01-09 09:39:27 +01:00
aegilops
4b57d5feb2
Added XSS sink for innerHTML/outerHTML using new Angular attribute def
2025-01-08 16:36:46 +00:00
aegilops
4530118681
Comment out hardcoded definition of sink
2025-01-06 17:33:31 +00:00
aegilops
e414b8c5be
Remove @Input() decorated members as remote sources, in favour of a later Threat Model
2025-01-06 16:51:35 +00:00
aegilops
8dac00aa83
Change from getParameter() to getArgument()
2025-01-06 15:43:47 +00:00
Asger F
7ccb476b1b
JS: Restrict AP length in ExceptionXss
2025-01-06 14:28:58 +01:00
Asger F
e2af19b946
JS: Restrict "get" step to Map objects
2025-01-06 13:17:32 +01:00
Asger F
4c9f406e34
JS: Exclude some sinks in UnvalidatedDynamicMethodCall
2025-01-06 10:32:11 +01:00
aegilops
7128700003
Simplified AngularInputUse class
2025-01-03 17:02:55 +00:00
aegilops
4891c1e5fe
Added QLdoc and simplified QL in source class
2025-01-03 16:50:47 +00:00
aegilops
4773917876
Formatting
2025-01-03 16:43:00 +00:00
aegilops
0f64822356
New remote source - reading from an @Input() decorated class member
2025-01-03 16:34:15 +00:00
aegilops
09e4c78b0f
New XSS sink - writing to innerHTML using the Angular Renderer2 API
2025-01-03 16:33:42 +00:00
Asger F
3acd4814de
Merge branch 'main' into js/shared-dataflow-merge-main
2024-12-19 10:14:38 +01:00
Asger F
e5ae7e0231
JS: Fix bad join in isOptionallySanitizedEdgeInternal
This was previously called from isBarrier(node, state) but without restricting the state. The call was therefore moved to isBarrier(node), but this caused some optimisation changes resulting in a bad join.
2024-12-16 15:35:54 +01:00
Asger F
947b785d47
JS: Remove reference to deprecated step relation that's empty anyway
2024-12-16 15:35:53 +01:00
Asger F
0b2914ff13
JS: A few more deprecation updates
2024-12-16 15:35:50 +01:00
Asger F
079294e55f
JS: Mass rename to node1,state1,node2,state2 naming convention
2024-12-16 15:35:46 +01:00
Asger F
ac6da6c2b1
JS: Add some missing qldoc
2024-12-16 15:35:44 +01:00
Asger F
c951a29e2a
JS: Migrate UnvalidatedDynamicMethodCall
2024-12-16 15:35:34 +01:00
Asger F
820f81fc10
JS: Migrate UnsafeDynamicMethodAccess
2024-12-13 11:32:25 +01:00
Asger F
a9e89ed8e3
JS: Migrate PrototypePollutingAssignment
2024-12-13 11:23:31 +01:00
Asger F
bcc1669f4c
JS: Migrate InsecureDownload
2024-12-13 11:10:14 +01:00
Asger F
4e25036cdc
JS: Follow naming convention in InsecureModuleFlow module
2024-12-13 11:09:59 +01:00
Asger F
d381ab1260
JS: Migrate IncompleteHtmlAttributeSanitization
2024-12-13 10:55:00 +01:00
Asger F
2112ecc44d
JS: Migrate HardcodedDataInterpretedAsCode
2024-12-13 10:48:43 +01:00