CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.0.1-dev (changelog, source)

Predicate RegExp::isGenericRegExpSanitizer

Holds if term is a generic sanitizer for strings that match (if outcome is true) or strings that don’t match (if outcome is false).

Specifically, whitelisting regexps such as ^(foo|bar)$ sanitize matches in the true case. Inverted character classes such as [^a-z] or \W sanitize matches in the false case.

Import path

import javascript
predicate isGenericRegExpSanitizer(RegExpTerm term, boolean outcome)
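
The two cases from the description, shown as runtime behaviour of the JavaScript guards whose regexps the predicate classifies. This is an added example, not code from the CodeQL library; the function names and the sample inputs are constructed for illustration.

```javascript
// Added illustration (not CodeQL library code). Function names and sample
// inputs are constructed for this example.

// outcome = true: an anchored allow-list. Only a successful match bounds the
// value: it is exactly "foo" or "bar".
const ALLOW_LIST = /^(foo|bar)$/;

// outcome = false: an inverted class or \W matches as soon as ONE character
// outside the safe set appears, so only a failed match bounds the value.
const NOT_LOWERCASE = /[^a-z]/;
const NON_WORD = /\W/;

// Guard whose true branch is the sanitized one.
function passIfMatches(pattern, value) {
  return pattern.test(value) ? value : null;
}

// Guard whose false branch is the sanitized one.
function passIfNoMatch(pattern, value) {
  return pattern.test(value) ? null : value;
}

// Run every constructed input through a guard and keep what reaches the
// sanitized branch.
function survivors(guard, pattern, inputs) {
  return inputs.filter((v) => guard(pattern, v) !== null);
}

// Constructed sample inputs.
const SAMPLES = ["foo", "bar", "foobar", "foo<b>", "abc", "a_1", "a b", ""];

const allowListed = survivors(passIfMatches, ALLOW_LIST, SAMPLES);
const lowercaseOnly = survivors(passIfNoMatch, NOT_LOWERCASE, SAMPLES);
const wordCharsOnly = survivors(passIfNoMatch, NON_WORD, SAMPLES);

console.log({ allowListed, lowercaseOnly, wordCharsOnly });
```

The empty string reaches the sanitized branch of both false-case guards, because it contains no character for the inverted class to match.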