hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-26 09:18:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d63df71a8a94de5735d23769d9b7970af85da987
codeql/javascript/ql/test/query-tests/Security/CWE-079/ReflectedXssWithCustomSanitizer.ql
Anders Schack-Mulligen e58094c732 Javascript: Autoformat.
2019-01-11 11:02:42 +01:00

21 lines
704 B
Plaintext
Raw Blame History

//
// Modern version of ReflectedXssWithCustomSanitizer_old.ql
//
import javascript
import semmle.javascript.security.dataflow.ReflectedXss::ReflectedXss
class IsVarNameSanitizer extends TaintTracking::AdditionalSanitizerGuardNode, DataFlow::CallNode {
IsVarNameSanitizer() { getCalleeName() = "isVarName" }
override predicate sanitizes(boolean outcome, Expr e) {
outcome = true and
e = getArgument(0).asExpr()
}
override predicate appliesTo(TaintTracking::Configuration cfg) { cfg instanceof Configuration }
}
from Configuration xss, Source source, Sink sink
where xss.hasFlow(source, sink)
select sink, "Cross-site scripting vulnerability due to $@.", source, "user-provided value"
Reference in New Issue View Git Blame Copy Permalink