CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.1.2-dev (changelog, source)
Search

Member predicate TaintTracking::SharedTaintStep::uriStep

Holds if predsucc should be considered a taint-propagating data flow edge through URI manipulation.

Does not include string operations that aren’t specific to URIs, such as concatenation and substring operations.

predicate uriStep(Node pred, Node succ)