mirror of
https://github.com/github/codeql.git
synced 2025-12-17 09:13:20 +01:00
15 lines
762 B
Markdown
15 lines
762 B
Markdown
## 0.1.2
|
|
|
|
### Deprecated APIs
|
|
|
|
* The `ReflectedXss`, `StoredXss`, `XssThroughDom`, and `ExceptionXss` modules from `Xss.qll` have been deprecated.
|
|
Use the `Customizations.qll` file belonging to the query instead.
|
|
|
|
### Minor Analysis Improvements
|
|
|
|
* The [cash](https://github.com/fabiospampinato/cash) library is now modelled as an alias for JQuery.
|
|
Sinks and sources from cash should now be handled by all XSS queries.
|
|
* Added the `Selection` api as a DOM text source in the `js/xss-through-dom` query.
|
|
* The security queries now recognize drag and drop data as a source, enabling the queries to flag additional alerts.
|
|
* The security queries now recognize ClipboardEvent function parameters as a source, enabling the queries to flag additional alerts.
|