hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-16 04:24:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
49e146758147b15aea65c9ba28247ddfb563daeb
codeql/javascript/ql/lib/semmle/javascript/security/dataflow/StoredXssQuery.qll
Anders Schack-Mulligen 8d97fe9ed3 JavaScript: Autoformat
2023-03-10 09:41:20 +01:00

39 lines
1.1 KiB
Plaintext
Raw Blame History

/**
* Provides a taint-tracking configuration for reasoning about stored
* cross-site scripting vulnerabilities.
*/
import javascript
import StoredXssCustomizations::StoredXss
private import Xss::Shared as Shared
/**
* A taint-tracking configuration for reasoning about XSS.
*/
class Configuration extends TaintTracking::Configuration {
Configuration() { this = "StoredXss" }
override predicate isSource(DataFlow::Node source) { source instanceof Source }
override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
override predicate isSanitizer(DataFlow::Node node) {
super.isSanitizer(node) or
node instanceof Sanitizer
}
override predicate isSanitizerGuard(TaintTracking::SanitizerGuardNode guard) {
guard instanceof QuoteGuard or
guard instanceof ContainsHtmlGuard
}
}
private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::QuoteGuard {
QuoteGuard() { this = this }
}
private class ContainsHtmlGuard extends TaintTracking::SanitizerGuardNode, Shared::ContainsHtmlGuard
{
ContainsHtmlGuard() { this = this }
}
Reference in New Issue View Git Blame Copy Permalink