Asger F
|
bc34a045d3
|
JS: Triage discrepancies and update test
|
2025-01-10 14:18:31 +01:00 |
|
Asger F
|
18ab066e79
|
JS: Remove OK comments that don't provide further explanation
|
2025-01-10 14:18:30 +01:00 |
|
Asger F
|
c2b65b1f85
|
JS: Port IncompleteUrlSubstringSanitization test
|
2025-01-10 14:18:29 +01:00 |
|
Asger F
|
6b4be13a8e
|
JS: Move annotations to the correct line
|
2025-01-10 14:18:28 +01:00 |
|
Asger F
|
95e20a045b
|
JS: Port IncompleteUrlSchemeCheck test
|
2025-01-10 14:18:26 +01:00 |
|
Asger F
|
563471dd52
|
JS: Triage discrepancies and update test
|
2025-01-10 14:18:25 +01:00 |
|
Asger F
|
48f7a58d01
|
JS: Update IncompleteHostnameRegExp test to match reality
|
2025-01-10 14:18:24 +01:00 |
|
Asger F
|
a83508a828
|
JS: Port IncompleteHostNameRegExt test
|
2025-01-10 14:18:23 +01:00 |
|
Michael Nebel
|
c3fe3e468c
|
Javascript: Update all test util paths to point to the new location.
|
2024-12-12 13:54:25 +01:00 |
|
Napalys
|
3171f38cdd
|
JS: fixed bad alert messages when it came to incomplete sanitization for new RegExp objects
|
2024-11-29 11:14:45 +01:00 |
|
Napalys Klicius
|
9ca0fe4cbf
|
Update RegExp handling and add test case
Co-authored-by: erik-krogh <erik-krogh@github.com>
|
2024-11-28 14:13:40 +01:00 |
|
Napalys
|
1d2e08a3b6
|
JS: now Reg Exp injection treats unknownFlags as sanitization, MetacharEscapeSanitizer
|
2024-11-28 11:26:58 +01:00 |
|
Napalys
|
62194f5337
|
JS: add test cases RegExp with unknown flags
|
2024-11-28 11:26:57 +01:00 |
|
Napalys
|
e673348ed3
|
JS: now RegExp with unknown flags is not flagged as an issue within password Clear text storage of sensitive information
|
2024-11-28 11:26:56 +01:00 |
|
Napalys
|
a2c46749c6
|
JS: fixed issue where MaskingReplacer would work only with regexp literals but not objects
|
2024-11-28 11:26:55 +01:00 |
|
Napalys
|
1ca57cfb9d
|
JS: add test cases with RegExp object for MaskingReplacer, currently gives wrong results
|
2024-11-28 11:26:54 +01:00 |
|
Napalys
|
c71778f1aa
|
JS: xss does not flag anymore replace with RegExp unknown flags
|
2024-11-28 11:26:53 +01:00 |
|
Napalys
|
dbae553146
|
JS: add xss test cases with unknownflags for replace using RegExp
|
2024-11-28 11:26:52 +01:00 |
|
Napalys
|
fe28657c7d
|
JS: add test cases with unknown flags for double escaping, works as expected.
|
2024-11-28 11:26:51 +01:00 |
|
Napalys
|
98fd97799c
|
JS: imcomplete sanization now handles properly maybe global
|
2024-11-28 11:26:50 +01:00 |
|
Napalys
|
1ae174849f
|
JS: incomplete sanitization now also works with RegExp objects
|
2024-11-28 11:26:48 +01:00 |
|
Napalys
|
76318035ff
|
JS: Add test cases for RegExp object usage in replace within incomplete sanitization
|
2024-11-28 11:26:47 +01:00 |
|
Napalys
|
9c2366a660
|
JS: Added tests for ReDos with unknownFlags, everything seems to be good
|
2024-11-28 11:26:46 +01:00 |
|
Napalys
|
875478c1c6
|
JS: Fixed path query not flagging new RegExp with DotRemovingReplaceCall
|
2024-11-28 11:26:45 +01:00 |
|
Napalys
|
aa557cf950
|
JS: Added tests for DotRemovingReplaceCall with RegExp Object.
|
2024-11-28 11:26:44 +01:00 |
|
Napalys
|
a0df33c3ac
|
JS: UnsafeShellCommand Using unknown flags in the RegExp object is no longer flagged as bad sanitization to reduce false positives.
|
2024-11-28 11:26:43 +01:00 |
|
Napalys
|
155f1fca85
|
JS: Added test cases for unsafe shell command sanitization with RegExpr Object, instead of literal
|
2024-11-28 11:26:42 +01:00 |
|
Napalys
|
23b18aeca9
|
JS: Now unknown flags are not flagged in taint paths
|
2024-11-28 11:26:41 +01:00 |
|
Napalys
|
7db6f7c721
|
JS: Added test cases with new RegExp for Tainted paths, currently works only with literals
|
2024-11-28 11:26:39 +01:00 |
|
Napalys
|
faef9dd877
|
JS: protyte poluting now treats unknownFlags as potentially good sanitization.
|
2024-11-28 11:26:38 +01:00 |
|
Napalys
|
41fef0f2b3
|
JS: Added test cases which cover new RegExp creation with replace on protytpe pulluting
|
2024-11-28 11:26:37 +01:00 |
|
Napalys
|
18c7b18f82
|
JS: Now BadHtmlSanitizers new RegExp with unknown flags is also flagged.
|
2024-11-28 11:26:36 +01:00 |
|
Napalys
|
89f3b6f8d3
|
JS: Added test case for bad sanitizer with unknown flags, currently not flagged.
|
2024-11-28 11:26:35 +01:00 |
|
Napalys
|
38be0e4c0a
|
JS: Now BadHtmlSanitizers also flags new RegExp as potential issue
|
2024-11-28 11:26:34 +01:00 |
|
Napalys
|
41f21d429b
|
JS: Added test case which is not flagged but should be abusing new RegExp with global flag
|
2024-11-28 11:26:33 +01:00 |
|
Napalys Klicius
|
d6372aebc7
|
Update javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql
Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
|
2024-11-25 12:12:12 +01:00 |
|
Napalys
|
e38b63ebcd
|
JS: previously js/case-sensitive-middleware-path was not taking into consideration unknown flags
|
2024-11-25 11:56:06 +01:00 |
|
Napalys
|
178da21fb8
|
JS: Added test case for CWE-178 RegExp with unknown flags
|
2024-11-25 11:53:00 +01:00 |
|
Napalys
|
a28fc8e772
|
JS: Add: Use of returnless function support for findLast and findLastIndex
|
2024-11-15 14:44:25 +01:00 |
|
Napalys
|
7250099f6c
|
JS: Add: Test cases use of returnless function in findLast and findLastIndex
|
2024-11-15 14:42:11 +01:00 |
|
Napalys
|
70cf1a57bc
|
Now catches usage of RegExp. after matchAll usage.
|
2024-11-08 08:59:31 +01:00 |
|
Napalys
|
c2baf0bd6d
|
Added test where RegExp. is used after matchAll but it not flagged as potential issue
|
2024-11-08 08:56:12 +01:00 |
|
Napalys
|
dbd57e3870
|
Fixed issue where TaintTracking was not catching matchAll vulnerability
|
2024-11-07 13:40:10 +01:00 |
|
Napalys
|
a4fe728af2
|
Added matchAll test which is not marked as vulnurability by CodeQL
|
2024-11-07 13:35:09 +01:00 |
|
Napalys Klicius
|
7825a46085
|
Merge branch 'github:main' into napalys/matchAll-support
|
2024-11-05 09:31:30 +01:00 |
|
Napalys
|
b239bfabf1
|
Added tests forIncompleteHostnameRegExp and normalizedPaths using matchAll
|
2024-11-05 09:22:26 +01:00 |
|
Napalys
|
ccee34d6d3
|
Added support for matchAll in CWE-020 including new test cases
|
2024-11-05 08:51:24 +01:00 |
|
Rasmus Wriedt Larsen
|
c0ad9ba529
|
Merge branch 'main' into js-threat-models
|
2024-11-01 10:48:32 +01:00 |
|
Tom Hvitved
|
1259b7e8e7
|
JS: Post-processing query for inline test expectations
|
2024-10-29 13:35:38 +01:00 |
|
Rasmus Wriedt Larsen
|
1726287bf4
|
JS: Add e2e threat-model test
|
2024-10-25 15:03:44 +02:00 |
|