CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.14 (changelog, source)

Module TaintTracking::Cached::Public

Public taint step relations.

Import path

import javascript

Predicates

arrayStep

Holds if pred -> succ is a taint propagating data flow edge through an array.

deserializeStep

Holds if pred -> succ should be considered a taint-propagating data flow edge through data deserialization, such as JSON.parse.

heapStep

Holds if pred -> succ is a taint propagating data flow edge through the heap.

persistentStorageStep

Holds if pred -> succ is a taint propagating data flow edge through persistent storage.

promiseStep

Holds if pred -> succ should be considered a taint-propagating data flow edge through a promise.

serializeStep

Holds if pred -> succ should be considered a taint-propagating data flow edge through data serialization, such as JSON.stringify.

stringConcatenationStep

Holds if pred -> succ is a taint propagating data flow edge through string concatenation.

stringManipulationStep

Holds if pred -> succ is a taint propagating data flow edge through string manipulation (other than concatenation).

uriStep

Holds if pred -> succ should be considered a taint-propagating data flow edge through a URI library function.

viewComponentStep

Holds if pred -> succ is a taint propagating data flow edge through the properties of a view component, such as the state or props of a React component.