hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-08 16:44:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
3d4287b7cc0dc4c9ca76bee820fd25c3444e52dd
codeql/javascript/ql/test/query-tests
History
Asger F 4568967a76 JS: Do not use legacy taint steps in TaintedUrlSuffix 
Tainted URL suffix steps are added as configuration-specific additional
steps, which means implicit reads may occur before any of these steps.

These steps accidentally included the legacy taint steps which include
a step from 'arguments' to all positional parameters. Combined with the
implicit read, arguments could escape their array index and flow to
any parameter while in the tainted-url flow state.
2024-08-29 13:48:30 +02:00
..
AlertSuppression
AlertSuppression: add more tests
2022-12-19 16:43:11 +01:00
AngularJS
fix some more style-guide violations in the alert-messages
2022-10-07 11:22:22 +02:00
Comments
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
Declarations
fix some more style-guide violations in the alert-messages
2022-10-07 11:22:22 +02:00
definitions
JS: Remove jump-to-namespace
2019-05-22 14:42:48 +01:00
Diagnostics
Renames diagnostic query files and tests
2024-01-29 20:19:20 +00:00
DOM
Added Django test
2023-11-29 08:26:49 +01:00
Electron
revert "Chaning EOL in two files"
2018-09-14 09:03:48 -07:00
Expressions
JS: Add UseServer and UseClient directives
2024-03-26 09:39:39 +01:00
external
JS: Remove code duplication library
2021-03-25 15:20:59 +00:00
filters/ClassifyFiles
JS: Add test
2020-06-29 15:54:06 +01:00
JSDoc
JavaScript: Replace --externs extractor flag with /** @externs */ comment.
2019-11-06 13:01:28 +00:00
LanguageFeatures
exclude tagged template literals from js/superfluous-trailing-arguments
2024-02-06 09:36:30 +01:00
Metrics
JS tests: add queries.xml
2019-12-07 02:38:02 +01:00
NodeJS
fix some more style-guide violations in the alert-messages
2022-10-07 11:22:22 +02:00
Performance
fix some more style-guide violations in the alert-messages
2022-10-07 11:22:22 +02:00
React
JS: model React's getDerivedStateFromError
2019-11-21 13:18:43 +01:00
RegExp
JS: Update test for RegExpAlwaysMatches
2023-05-26 14:10:26 +02:00
Security
JS: Do not use legacy taint steps in TaintedUrlSuffix
2024-08-29 13:48:30 +02:00
Statements
Update UselessConditional.expected
2024-02-13 18:31:24 +01:00
Summary
JS: Add lines of user code summary query
2021-06-07 16:41:59 +02:00
Vue
JS: add query js/vue/arrow-method-on-vue-instance
2019-02-06 09:38:00 +01:00
WrongExtensionJSON
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00