These queries are currently run by default, but don't have their results displayed. Looking through results on LGTM.com, they are either false positives (e.g., `BitwiseSignCheck` which flags many perfectly harmless operations and `CompareIdenticalValues` which mostly flags NaN checks) or harmless results that developers are unlikely to care about (e.g., `EmptyArrayInit` or `MisspelledIdentifier`). With this PR, the only queries that are still run but not displayed are security queries, where different considerations may apply.
/**
 * @name Conflicting HTML element attributes
 * @description If an HTML element has two attributes with the same name
 *              but different values, its behavior may be browser-dependent:
 *              HTML parsers generally keep the first occurrence of a duplicated
 *              attribute and drop later ones, whereas JSX lets a later attribute
 *              override an earlier one, so the value that takes effect may not
 *              be the one the author intended.
 * @kind problem
 * @problem.severity warning
 * @id js/conflicting-html-attribute
 * @tags maintainability
 *       correctness
 *       external/cwe/cwe-758
 * @precision low
 */
import javascript
/**
 * Holds if `earlier` and `later` are two attribute definitions of the same
 * element that share a name but not a (known) string value, with `earlier`
 * sitting at a lower attribute index than `later`.
 *
 * The value comparison is a negated equality (`not a = b`), so a pair is also
 * reported when `getStringValue()` has no result for one or both attributes;
 * that is a source of the query's low precision rather than evidence that the
 * two values actually differ.
 */
predicate conflict(DOM::AttributeDefinition earlier, DOM::AttributeDefinition later) {
  exists(DOM::ElementDefinition owner, int earlierIdx, int laterIdx |
    // Both attributes hang off the same element, `earlier` first.
    earlierIdx < laterIdx and
    earlier = owner.getAttribute(earlierIdx) and
    later = owner.getAttribute(laterIdx)
  |
    later.getName() = earlier.getName() and
    // Holds when the values differ *or* when either one is not statically known.
    not later.getStringValue() = earlier.getStringValue()
  )
}
/*
 * Report the first attribute of each conflicting run, linking it to each later
 * conflicting attribute via the `$@` placeholder. An attribute that is itself
 * preceded by a conflicting one is never chosen as `first`, so a run of three
 * duplicates produces alerts on its first member only (one per later member).
 */
from DOM::AttributeDefinition first, DOM::AttributeDefinition dup
where
  conflict(first, dup) and
  not exists(DOM::AttributeDefinition preceding | conflict(preceding, first))
select first,
  "This attribute has the same name as $@ of the same element, but a different value.", dup,
  "another attribute"