hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
sauyon/java-spring-stringutils
codeql/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/various-concat-obfuscations.js
Esben Sparre Andreasen 9678534f25 JS: add tests for some syntactic XSS vector obfuscations
2021-02-01 10:20:23 +01:00

23 lines
835 B
JavaScript
Raw Permalink Blame History

function test() {
let tainted = document.location.search;
$("<div>" + tainted + "</div>"); // NOT OK
$(`<div>${tainted}</div>`); // NOT OK
$("<div>".concat(tainted).concat("</div>")); // NOT OK
$(["<div>", tainted, "</div>"].join()); // NOT OK
$("<div id=\"" + tainted + "\"/>"); // NOT OK
$(`<div id="${tainted}"/>`); // NOT OK
$("<div id=\"".concat(tainted).concat("/>")); // NOT OK
$(["<div id=\"", tainted, "\"/>"].join()); // NOT OK
function indirection1(attrs) {
return '<div align="' + (attrs.defaultattr || 'left') + '">' + content + '</div>';
}
function indirection2(attrs) {
return '<div align="'.concat(attrs.defaultattr || 'left').concat('">'.concat(content)).concat('</div>');
}
$(indirection1(document.location.search.attrs)); // NOT OK
$(indirection2(document.location.search.attrs)); // NOT OK
};
Reference in New Issue View Git Blame Copy Permalink