CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.9.1 (changelog, source)

Member predicate Routing::Node::getValueImplicitlyStoredInAccessPath

Gets a node whose value can be accessed via the given access path on the nth route handler parameter, from any route handler that follows after this one.

This predicate may be overridden by framework models and only accounts for assignments made by the framework; not necessarily assignments that are explicit in the application code.

For example, in the context of Express, the app object is available as

app.get('/', (req, res) => {; // alias for 'app'

This can be modeled by mapping (0, "app") to the app data-flow node (n=0 corresponds to the req parameter).

Node getValueImplicitlyStoredInAccessPath(int n, string path)