hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 13:23:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f7532c09e6439da2431241d41b51f7deeafac22c
codeql/javascript/ql/lib
History
Asger F 29659647ea JS: Fix barrier guards for ServerSideUrlRedirect 
The barrier guards for ServerSideUrlRedirect were lost when it was ported to ConfigSig, and the aforementioned spurious alert was a result of that.

The query had two guards: a proper barrier guard and a heuristic one for functions named 'isLocalURL'. We should move away from the heuristic name-based sanitiser guards, so I'm only reinstating the proper barrier guard.

Therefore updating the test to test the real barrier guard.
2025-02-28 13:28:43 +01:00
..
change-notes
Updated change note with response threat model info.
2025-02-25 15:22:14 +01:00
Declarations
JS: Make implicit this receivers explicit
2023-05-03 15:31:00 +02:00
Expressions
delete old deprecations
2023-06-02 11:58:08 +02:00
ext
Revert "Add view-component-input for testing"
2025-01-22 10:45:52 +01:00
external
LanguageFeatures
semmle
JS: Fix barrier guards for ServerSideUrlRedirect
2025-02-28 13:28:43 +01:00
upgrades
JS: Use entities in reorder directives
2024-05-03 11:17:13 -07:00
utils/test
JS: Allow more kinds of expectation comments
2025-02-28 13:27:25 +01:00
BUILD.bazel
Upgrade rules_pkg to 0.10.1.
2024-04-16 16:29:56 +02:00
CHANGELOG.md
Release preparation for version 2.20.5
2025-02-17 16:55:54 +00:00
codeql-pack.release.yml
Release preparation for version 2.20.5
2025-02-17 16:55:54 +00:00
Customizations.qll
default.qll
definitions.qll
Merge branch 'main' into missDocParam
2022-07-13 09:58:04 +02:00
IDEContextual.qll
Share getFileBySourceArchiveName implementation
2024-02-23 11:25:49 +01:00
javascript.qll
Add Tanstack framework support and enhance data flow tracking for fetch responses
2025-02-21 13:24:00 +01:00
localDefinitions.ql
Move contextual queries from src to lib
2022-06-29 07:51:26 -07:00
localReferences.ql
Move contextual queries from src to lib
2022-06-29 07:51:26 -07:00
printAst.ql
Move contextual queries from src to lib
2022-06-29 07:51:26 -07:00
qlpack.lock.yml
qlpack.yml
Post-release preparation for codeql-cli-2.20.5
2025-02-17 17:58:24 +00:00
semmlecode.javascript.dbscheme
add JS support the using keyword
2023-08-24 20:30:26 +02:00
semmlecode.javascript.dbscheme.stats
add to the stat file
2023-08-24 20:30:26 +02:00