CodeQL library for C#
codeql/csharp-all 0.8.9 (changelog, source)
Search

Module XssTrackingConfig

A taint-tracking configuration for cross-site scripting (XSS) vulnerabilities.

Import path

import semmle.code.csharp.security.dataflow.XSSQuery

Predicates

isBarrier

Holds if data flow through node is prohibited. This completely removes node from the data flow graph.

isSink

Holds if sink is a relevant data flow sink.

isSource

Holds if source is a relevant data flow source.