Moved lists of domains to data extensions, including adding those to the overall qlpack.yml. Expanded the scope of the new query to further domains operated by the untrusted owners of polyfill.io.
/**
 * @name Inclusion of functionality from an untrusted source
 * @description Including functionality from an untrusted source may allow
 *              an attacker to control the functionality and execute arbitrary code.
 * @kind problem
 * @problem.severity warning
 * @security-severity 6.0
 * @precision high
 * @id js/functionality-from-untrusted-source
 * @tags security
 *       external/cwe/cwe-830
 */

import javascript
// Supplies `AddsUntrustedUrl` (the elements this query reports) and
// `isUrlWithUntrustedDomain` (membership in the library's list of domains
// that are explicitly treated as untrusted).
import semmle.javascript.security.FunctionalityFromUntrustedSource

// Each `s` is, judging by the class name, a place in the code that pulls in
// functionality from a URL the library does not trust (CWE-830: inclusion of
// web functionality from an untrusted source).
from AddsUntrustedUrl s
// Skip URLs whose domain is explicitly listed as untrusted: those are reported
// by the sibling query js/functionality-from-untrusted-domain, so excluding
// them here avoids two alerts for the same inclusion. The domain list itself is
// maintained in the library (per the commit message, via data extensions), not
// in this query.
// NOTE(review): if `getUrl()` can yield several values for one `s`, QL's
// negation drops `s` as soon as any of them is an untrusted domain — confirm
// that is the intended behaviour.
where not isUrlWithUntrustedDomain(s.getUrl())
// The alert is anchored on the including element; `getProblem()` presumably
// provides the library's alert message for it.
select s, s.getProblem()