hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-11 01:54:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
59,734 Commits 1,740 Branches 164 Tags
466ffdf8f500577fc3ce36d71e32188462e4462a
Commit Graph

68 Commits

Author SHA1 Message Date
Asger F
81d2721248 JS: Port ClientSideUrlRedirect 2023-10-13 13:15:04 +02:00
Asger F
46fd727a55 JS: Port ServerSideUrlRedirect 2023-10-13 13:15:04 +02:00
Max Schaefer
a9e81672f0 Make suggestion to replace example.com more explicit. 2023-09-12 16:54:05 +01:00
Max Schaefer
a02f373e79 Use better sanitiser. 2023-09-06 14:06:16 +01:00
Max Schaefer
87364137df Use more sensible validator in example. 2023-08-21 15:14:01 +01:00
Max Schaefer
7823ff968c JavaScript: Improve query help for js/server-side-unvalidated-url-redirection. 2023-07-19 13:23:25 +01:00
erik-krogh
a72436f6f1 recognize more express URL related sources 2023-03-15 10:14:31 +01:00
erik-krogh
5c388c554c fix that the TypeTracker was unrestricted for the base-case of nonFirstLocationType 2023-01-10 13:39:50 +01:00
erik-krogh
e02b67af63 add failing test 2023-01-10 13:39:50 +01:00
Calum Grant
4a37c01c5f JavaScript: Remove references to LGTM 2022-12-19 15:15:17 +00:00
erik-krogh
368f84785b fix some more style-guide violations in the alert-messages 2022-10-07 11:22:22 +02:00
erik-krogh
aa56ca37ae make the alert messages of taint-tracking queries more consistent 2022-09-05 14:04:52 +02:00
Erik Krogh Kristensen
2a97dd9f6f add support for Object.hasOwn(obj, key) 2022-05-24 13:59:25 +02:00
Erik Krogh Kristensen
5e02a76dfd add support for typed NextJS route-handlers 2022-05-11 09:45:34 +02:00
Erik Krogh Kristensen
b471fec149 split interpretsArgumentsAsURL out of interpretsArgumentsAsHTML, and use it to generalize AttributeUrlSink 2022-03-16 22:32:08 +01:00
Erik Krogh Kristensen
fc79242674 add tests 2022-03-16 22:32:08 +01:00
Erik Krogh Kristensen
a63b0b28d4 refactor the history library model, add support for the global variable 2021-06-07 15:42:13 +02:00
Erik Krogh Kristensen
5419143e72 remove createHashHistory from the history sink 2021-06-07 15:24:59 +02:00
Erik Krogh Kristensen
608a0314df add location reads from the history libary as client-side remote flow 2021-06-03 12:33:25 +02:00
Erik Krogh Kristensen
e543c6c665 add a js/client-side-unvalidated-url-redirection sink for the history library 2021-06-03 12:23:05 +02:00
Erik Krogh Kristensen
dfd63e5d5a track window object to where .location is read 2021-04-28 18:52:00 +02:00
Asger Feldthaus
710cca5395 JS: Update expectations with new sources 2021-03-16 13:28:12 +00:00
Asger Feldthaus
2e57a7d3e9 JS: Add ClientSideRemoteFlowSource 2021-03-16 13:28:09 +00:00
Erik Krogh Kristensen
ecccb8a409 only flag React elements in ClientSideUrlRedirect if it's a HTML element, or known link class 2021-03-02 12:25:50 +01:00
Erik Krogh Kristensen
36049f05f8 update Next.js xss example such that the attack is viable 2021-03-02 12:25:50 +01:00
Erik Krogh Kristensen
97032f8627 add ClientSideUrlRedirect sink for Next.js routers 2021-03-02 12:25:49 +01:00
Erik Krogh Kristensen
41a0c0b55e support React links in js/client-side-unvalidated-url-redirection 2021-03-02 12:25:49 +01:00
Erik Krogh Kristensen
c9ec983cd8 add js/client-side-unvalidated-url-redirection test for script tags inside react code 2021-01-29 12:50:43 +01:00
Asger Feldthaus
20d9848f07 JS: Add test case 2020-12-03 15:08:43 +00:00
Erik Krogh Kristensen
33dab1717e treat nodes with type "Location" as a location source - but not if we can track it from an original node with type "Location" 2020-11-23 17:03:50 +01:00
Aditya Sharad
e712d16e7e JavaScript: Track taint through RegExp.prototype.exec for URL redirection 
Regexp literals are currently handled, but not `RegExp` objects.
 2020-09-30 15:13:02 -07:00
Erik Krogh Kristensen
664342dd0f change SimpleParameter to Parameter in the express model to support destructuring parameters 2020-09-26 21:31:06 +02:00
Erik Krogh Kristensen
fa255f3534 add test for self.importScripts(..) 2020-09-15 12:23:48 +02:00
Erik Krogh Kristensen
03a3c4f4b2 update expected output 2020-09-14 16:50:47 +02:00
Erik Krogh Kristensen
f4f96ce04d use new source in client-side-url-redirect test 2020-09-14 16:50:47 +02:00
Erik Krogh Kristensen
6e84ac8e6c add test for importScripts 2020-09-14 16:02:34 +02:00
CodeQL CI
8855ab8c8c Merge pull request #3835 from Raz0r/js/xss-protocol-sinks 
Approved by erik-krogh
 2020-08-03 15:40:05 +01:00
CodeQL CI
a4f8b19ae4 Merge pull request #3876 from erik-krogh/CWE078-Correctness 
Approved by esbena
 2020-08-03 15:38:51 +01:00
Erik Krogh Kristensen
1f1c09af02 update consistency comments for CWE-601 2020-07-08 10:02:29 +02:00
Raz0r
3487ec17d0 add tests 2020-07-07 16:26:14 +03:00
Asger Feldthaus
b5104ae42d JS: Add StartsWith sanitizer 2020-07-03 14:46:07 +01:00
Asger Feldthaus
4c06eb8bfe JS: Add test showing FPs 2020-07-03 14:45:42 +01:00
Erik Krogh Kristensen
945fe45b6f all split()[0] are safe for url-redirect 2020-05-07 10:55:17 +02:00
Erik Krogh Kristensen
659d40e08d add test to make sure sanitizer is not too broad 2020-05-04 09:49:14 +02:00
Erik Krogh Kristensen
291134be66 add failing test 2020-05-04 09:48:29 +02:00
Asger F
2acd616e6f JS: Review comments 2019-12-06 11:53:06 +00:00
Asger F
bbb6dad726 JS: Update koa testcase 2019-12-06 11:49:59 +00:00
Max Schaefer
b42026a90a JavaScript: Update expected output. 2019-10-29 15:36:24 +00:00
Max Schaefer
dc1d1c2f22 JavaScript: Update expected output. 2019-10-29 15:30:06 +00:00
Max Schaefer
6964945c74 JavaScript: Restrict edges to only contain nodes. 2019-10-29 15:03:52 +00:00