hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/tst.js
Asger F 64d39da5f8 JS: Accept Sources/Sink tags
2025-02-28 13:29:30 +01:00

31 lines
1.1 KiB
JavaScript
Raw Blame History

eval(document.location.href.substring(document.location.href.indexOf("default=")+8)) // $ Alert[js/code-injection]
setTimeout(document.location.hash); // $ Alert[js/code-injection]
setTimeout(document.location.protocol);
$('. ' + document.location.hostname);
Function(document.location.search.replace(/.*\bfoo\s*=\s*([^;]*).*/, "$1")); // $ Alert[js/code-injection]
WebAssembly.compile(document.location.hash); // $ Alert[js/code-injection]
WebAssembly.compileStreaming(document.location.hash); // $ Alert[js/code-injection]
eval(atob(document.location.hash.substring(1))); // $ Alert[js/code-injection]
$('<a>').attr("onclick", location.search.substring(1)); // $ Alert[js/code-injection]
(function test() {
var source = document.location.search.replace(/.*\bfoo\s*=\s*([^;]*).*/, "$1"); // $ Source[js/code-injection]
new Function(source); // $ Alert[js/code-injection]
Function(source); // $ Alert[js/code-injection]
new Function("a", "b", source); // $ Alert[js/code-injection]
new Function(...["a", "b"], source); // $ Alert[js/code-injection]
})();
Reference in New Issue View Git Blame Copy Permalink