hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-05 13:37:06 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
4e656de0438bec914f264485d97155cb649277dc
codeql/java/ql/lib/semmle/code/java/security/XssLocalQuery.qll
Ed Minnix 5f3c8fef3f Privacy markers and fixed imports
2023-05-04 10:25:17 -04:00

21 lines
754 B
Plaintext
Raw Blame History

/** Provides a taint-tracking configuration to reason about cross-site scripting from a local source. */
import java
private import semmle.code.java.dataflow.FlowSources
private import semmle.code.java.dataflow.TaintTracking
private import semmle.code.java.security.XSS
/**
* A taint-tracking configuration for reasoning about cross-site scripting vulnerabilities from a local source.
*/
module XssLocalConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
predicate isSink(DataFlow::Node sink) { sink instanceof XssSink }
}
/**
* Taint-tracking flow for cross-site scripting vulnerabilities from a local source.
*/
module XssLocalFlow = TaintTracking::Global<XssLocalConfig>;
Reference in New Issue View Git Blame Copy Permalink