hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/tainted-url-suffix-arguments.js
Asger F 64d39da5f8 JS: Accept Sources/Sink tags
2025-02-28 13:29:30 +01:00

14 lines
275 B
JavaScript
Raw Blame History

import 'dummy';
function foo(x, y, z) {
arguments; // ensure 'arguments' are used
document.writeln(x);
document.writeln(y); // $ Alert
document.writeln(z);
}
function bar() {
const url = window.location.href; // $ Source
foo('safe', url, 'safe');
}
Reference in New Issue View Git Blame Copy Permalink