hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/various-concat-obfuscations.js
Asger F 64d39da5f8 JS: Accept Sources/Sink tags
2025-02-28 13:29:30 +01:00

23 lines
857 B
JavaScript
Raw Blame History

function test() {
let tainted = document.location.search; // $ Source
$("<div>" + tainted + "</div>"); // $ Alert
$(`<div>${tainted}</div>`); // $ Alert
$("<div>".concat(tainted).concat("</div>")); // $ Alert
$(["<div>", tainted, "</div>"].join()); // $ Alert
$("<div id=\"" + tainted + "\"/>"); // $ Alert
$(`<div id="${tainted}"/>`); // $ Alert
$("<div id=\"".concat(tainted).concat("/>")); // $ Alert
$(["<div id=\"", tainted, "\"/>"].join()); // $ Alert
function indirection1(attrs) {
return '<div align="' + (attrs.defaultattr || 'left') + '">' + content + '</div>';
}
function indirection2(attrs) {
return '<div align="'.concat(attrs.defaultattr || 'left').concat('">'.concat(content)).concat('</div>');
}
$(indirection1(document.location.search.attrs)); // $ Alert
$(indirection2(document.location.search.attrs)); // $ Alert
};
Reference in New Issue View Git Blame Copy Permalink