CodeQL library for JavaScript
Search

Predicate TaintTracking::promiseStep

Holds if predsucc should be considered a taint-propagating data flow edge through a promise.

These steps consider a promise object to tainted if it can resolve to a tainted value.

Import path

import javascript
predicate promiseStep(Node pred, Node succ)