CodeQL library for JavaScript
Module BadTagFilterQuery

Provides predicates for reasoning about bad tag filter vulnerabilities.

Import path

import semmle.javascript.security.BadTagFilterQuery

Imports

ReDoSUtil

Provides classes for working with regular expressions that can perform backtracking in superlinear/exponential time.

Predicates

isBadRegexpFilter

Holds if regexp matches some HTML tags, but misses some HTML tags that it should match.

Classes

HtmlMatchingRegExp

A class to test whether a regular expression matches certain HTML tags.

Aliases

HTMLMatchingRegExp

DEPRECATED: Alias for HtmlMatchingRegExp