mirror of
https://github.com/github/codeql.git
synced 2025-12-18 18:10:39 +01:00
38 lines
849 B
JavaScript
38 lines
849 B
JavaScript
// NOT OK
|
|
eval(document.location.href.substring(document.location.href.indexOf("default=")+8))
|
|
|
|
// NOT OK
|
|
setTimeout(document.location.hash);
|
|
|
|
// OK
|
|
setTimeout(document.location.protocol);
|
|
|
|
// OK
|
|
$('. ' + document.location.hostname);
|
|
|
|
// NOT OK
|
|
Function(document.location.search.replace(/.*\bfoo\s*=\s*([^;]*).*/, "$1"));
|
|
|
|
// NOT OK
|
|
WebAssembly.compile(document.location.hash);
|
|
|
|
// NOT OK
|
|
WebAssembly.compileStreaming(document.location.hash);
|
|
|
|
// NOT OK
|
|
eval(atob(document.location.hash.substring(1)));
|
|
|
|
// NOT OK
|
|
$('<a>').attr("onclick", location.search.substring(1));
|
|
|
|
(function test() {
|
|
var source = document.location.search.replace(/.*\bfoo\s*=\s*([^;]*).*/, "$1");
|
|
|
|
new Function(source); // NOT OK
|
|
|
|
Function(source); // NOT OK
|
|
|
|
new Function("a", "b", source); // NOT OK
|
|
|
|
new Function(...["a", "b"], source); // NOT OK
|
|
})(); |