hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/angular-tempate-url.js
Asger F 64d39da5f8 JS: Accept Sources/Sink tags
2025-02-28 13:29:30 +01:00

16 lines
360 B
JavaScript
Raw Blame History

angular.module('myApp', [])
.directive('myCustomer', function() {
return {
templateUrl: "SAFE"
}
})
.directive('myCustomer', function() {
return {
templateUrl: Cookie.get("unsafe") // $ Alert
}
});
addEventListener('message', (ev) => { // $ Source
Cookie.set("unsafe", ev.data);
});
Reference in New Issue View Git Blame Copy Permalink