CodeQL library for JavaScript
codeql/javascript-all 0.6.2 ( changelog , source )
Search

Member predicate TaintTracking :: SharedTaintStep :: uriStep

Holds if predsucc should be considered a taint-propagating data flow edge through URI manipulation.

Does not include string operations that aren’t specific to URIs, such as concatenation and substring operations.

predicate uriStep ( Node pred , Node succ )