hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
z80coder/query-pack-release-candidate-2
codeql/javascript/ql/test/query-tests/Security/CWE-020/IncompleteUrlSchemeCheck.js
Esben Sparre Andreasen e172d55ecb Update javascript/ql/test/query-tests/Security/CWE-020/IncompleteUrlSchemeCheck.js 
Co-authored-by: Asger F <asgerf@github.com>
2020-05-22 13:33:34 +02:00

108 lines
2.5 KiB
JavaScript
Raw Permalink Blame History

import * as dummy from 'dummy';
function sanitizeUrl(url) {
let u = decodeURI(url).trim().toLowerCase();
if (u.startsWith("javascript:")) // NOT OK
return "about:blank";
return url;
}
let badProtocols = ['javascript:', 'data:'];
let badProtocolNoColon = ['javascript', 'data'];
let badProtocolsGood = ['javascript:', 'data:', 'vbscript:'];
function test2(url) {
let protocol = new URL(url).protocol;
if (badProtocols.includes(protocol)) // NOT OK
return "about:blank";
return url;
}
function test3(url) {
let scheme = goog.uri.utils.getScheme(url);
if (badProtocolNoColon.includes(scheme)) // NOT OK
return "about:blank";
return url;
}
function test4(url) {
let scheme = url.split(':')[0];
if (badProtocolNoColon.includes(scheme)) // NOT OK
return "about:blank";
return url;
}
function test5(url) {
let scheme = url.split(':')[0];
if (scheme === "javascript") // NOT OK
return "about:blank";
return url;
}
function test6(url) {
let protocol = new URL(url).protocol;
if (badProtocolsGood.includes(protocol)) // OK
return "about:blank";
return url;
}
function test7(url) {
let scheme = url.split(/:/)[0];
if (scheme === "javascript") // NOT OK
return "about:blank";
return url;
}
function test8(url) {
let scheme = goog.uri.utils.getScheme(url);
if ("javascript|data".split("|").indexOf(scheme) !== -1) // NOT OK
return "about:blank";
return url;
}
function test9(url) {
let scheme = goog.uri.utils.getScheme(url);
if ("javascript" === scheme || "data" === scheme) // NOT OK
return "about:blank";
return url;
}
function test10(url) {
let scheme = goog.uri.utils.getScheme(url);
if (/^(javascript|data)$/.exec(scheme) !== null) // NOT OK
return "about:blank";
return url;
}
function test11(url) {
let scheme = goog.uri.utils.getScheme(url);
if (/^(javascript|data)$/.exec(scheme) === null) // NOT OK
return url;
return "about:blank";
}
function test12(url) {
let scheme = goog.uri.utils.getScheme(url);
if (!/^(javascript|data)$/.exec(scheme)) // NOT OK
return url;
return "about:blank";
}
function test13(url) {
let scheme = goog.uri.utils.getScheme(url);
switch (scheme) {
case "javascript": // NOT OK
case "data":
return "about:blank";
default:
return url;
}
}
function test14(url) {
let scheme = goog.uri.utils.getScheme(url);
if (/^(javascript|data)$/.exec(scheme)) // NOT OK
return "about:blank";
return url;
}
Reference in New Issue View Git Blame Copy Permalink