codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00

Author	SHA1	Message	Date
Erik Krogh Kristensen	53b26eba17	Merge pull request #8724 from erik-krogh/postMessage JS: promote the `js/missing-origin-verification` query	2022-05-09 12:28:58 +02:00
Erik Krogh Kristensen	fe1e47bc17	Merge pull request #8710 from bananabr/dragAndDrop JS: drag and drop API Xss sources	2022-05-09 12:22:28 +02:00
Erik Krogh Kristensen	611a412f2a	Merge pull request #8990 from bananabr/selection JS: Selection API DOM text source	2022-05-09 12:22:18 +02:00
Erik Krogh Kristensen	0d8bef7e92	Merge pull request #6736 from erik-krogh/polyReplace JS: track flow through string replace calls that just replace single chars for js/polynomial-redos	2022-05-04 16:30:20 +02:00
bananabr	2e2d4c6e1f	updated tests to consider document.getSelection()	2022-05-03 21:03:35 -05:00
bananabr	57ae07017f	adds the Selection API as a new DOM text source	2022-04-30 18:27:31 -05:00
Erik Krogh Kristensen	080271f14f	Merge pull request #8221 from erik-krogh/libProto JS: recognize more module exports from the factory pattern	2022-04-29 11:23:53 +02:00
Stephan Brandauer	3f13a5e082	fix a FN for prototype polluting function query	2022-04-28 22:00:09 +02:00
Stephan Brandauer	4964f2df9a	add flow step to rest parameters	2022-04-27 16:03:19 +02:00
Erik Krogh Kristensen	6738270b65	Merge pull request #8229 from erik-krogh/parenSan JS: step through parentheses in barrier functions	2022-04-26 10:30:21 +02:00
Erik Krogh Kristensen	0a26e891a2	include startsWith/endsWith checks in js/missing-origin-check	2022-04-25 15:28:50 +02:00
Erik Krogh Kristensen	ff5b873557	Merge pull request #8773 from erik-krogh/exhaustion JS: promote `js/resource-exhaustion` out of experimental	2022-04-20 19:33:42 +02:00
Erik Krogh Kristensen	10130eef6d	Merge pull request #8678 from erik-krogh/fileSource JS: Add files as a source for `js/xss-through-dom`	2022-04-20 09:18:38 +02:00
Stephan Brandauer	2fb3147b7b	Merge pull request #8430 from kaeluka/js/CVE-2022-24718 JS: Add taint step for handlebars model	2022-04-19 15:57:58 +01:00
Erik Krogh Kristensen	8669bbd948	update expected output of rate-limit query after test reorg	2022-04-19 14:27:24 +02:00
Erik Krogh Kristensen	7f592a6c64	merge `Clipboard.qll` and `DragAndDrop.qll`, and support `InputEvent`	2022-04-18 22:17:31 +02:00
Erik Krogh Kristensen	4c97f68a3d	remove postmessage events as source for js/resource-exhaustion	2022-04-13 23:14:42 +02:00
Erik Krogh Kristensen	51a0b6d501	remove client-side remote-flow from js/resource-exhaustion	2022-04-13 23:05:59 +02:00
Erik Krogh Kristensen	a9595af01e	update expected output	2022-04-13 09:43:21 +02:00
Erik Krogh Kristensen	dd28157d0a	add test of a length check	2022-04-13 09:43:21 +02:00
Erik Krogh Kristensen	8e47a9b242	add sanitizer step for .length in js/resource-exhaustion	2022-04-13 09:30:09 +02:00
Stephan Brandauer	fb66ccff39	handlebars taint step: conservatively assume unknown templates have no flow to helpers	2022-04-13 09:27:59 +02:00
Erik Krogh Kristensen	ebf9ba7250	remove the type-overloaded new Buffer() as a sink	2022-04-12 16:29:58 +02:00
Erik Krogh Kristensen	e2b7f7d05d	reintroduce the number sinks	2022-04-12 16:26:10 +02:00
Erik Krogh Kristensen	029459cc35	reorganize CWE-770 tests	2022-04-12 16:15:40 +02:00
Erik Krogh Kristensen	8fb54c3f32	move `js/resource-exhaustion` out of experimental	2022-04-12 15:51:36 +02:00
Erik Krogh Kristensen	bca4d14129	rename files	2022-04-12 14:37:43 +02:00
Erik Krogh Kristensen	591fcda862	various improvements to the js/missing-origin-verification query	2022-04-12 14:20:41 +02:00
Erik Krogh Kristensen	2d6d304d7c	add `InclusionTest` to `PostMessageEventSanitizer`	2022-04-12 14:12:36 +02:00
Erik Krogh Kristensen	e2badab251	update expected output after test reorganization	2022-04-12 10:39:28 +02:00
Erik Krogh Kristensen	ec9c308d06	reorganize the tests in CWE-020	2022-04-12 10:39:28 +02:00
Erik Krogh Kristensen	34abef8a6c	Merge branch 'main' into dragAndDrop	2022-04-11 23:59:46 +02:00
bananabr	57fac949fd	included ClipboardEvent and DragEvent as XSS sources	2022-04-11 16:37:00 -05:00
Erik Krogh Kristensen	aafa8ddc9f	add support for domNode.onpaste for copy-paste events	2022-04-11 20:10:56 +02:00
Erik Krogh Kristensen	6713b2c671	add support for domNode.ondrop for drag-and-drop events	2022-04-11 20:06:12 +02:00
bananabr	0f1582f3f6	included JavaScript drag and drop API Xss sources	2022-04-09 22:33:30 -05:00
Asger Feldthaus	b85739cb7e	JS: Update test output	2022-04-07 13:23:26 +02:00
Asger Feldthaus	4eda6f643f	JS: Recognize subclasses of HTMLElement in domValueRef	2022-04-07 09:57:31 +02:00
Erik Krogh Kristensen	0435cee57f	add a taint-step through URL.createObjectURL for js/xss-through-dom	2022-04-06 12:18:47 +02:00
Erik Krogh Kristensen	b11d48e749	add files in the DOM as a source for js/xss-through-dom	2022-04-06 12:09:07 +02:00
Stephan Brandauer	9c3fcb6268	precise tracking of handlebars arguments	2022-03-28 17:26:43 +02:00
Erik Krogh Kristensen	cf94c93b1a	Merge pull request #8481 from erik-krogh/schemeChain JS: recognize string replacement chains as scheme checks in js/incomplete-url-scheme-check	2022-03-25 11:13:10 +01:00
Stephan Brandauer	a28e9c5b6e	documentation for handlebars.js flow step	2022-03-24 13:08:52 +01:00
Stephan Brandauer	0bd9e9f298	add handlebars taint step	2022-03-24 11:46:16 +01:00
Erik Krogh Kristensen	c8385a1e80	js/xss-through-dom: filter away reads of .src that end in a URL sink	2022-03-21 16:48:59 +01:00
Arthur Baars	431b60506e	Merge remote-tracking branch 'upstream/main' into incomplete-hostname	2022-03-18 13:05:34 +01:00
Erik Krogh Kristensen	693c77f3df	add test for string replacement chains of URL schemes	2022-03-18 11:05:59 +01:00
Erik Krogh Kristensen	6cdc38748c	update expected output	2022-03-16 22:32:09 +01:00
Erik Krogh Kristensen	d8a5947a08	simplify TaintedUrlSuffix::source() to only consider window.location based sources	2022-03-16 22:32:09 +01:00
Erik Krogh Kristensen	f083e87fa1	refactor the `js/xss` query to use three flowlabels and one configuration	2022-03-16 22:32:08 +01:00

1 2 3 4 5 ...

1767 Commits