CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.2.1-dev (changelog, source)
Search

Module DynamicCreation

Looks for dyanmic creation of an element and source.

Import path

import semmle.javascript.security.FunctionalityFromUntrustedSource

Predicates

getAttributeAssignmentRhs

Get the right-hand side of an assignment to a named attribute.

isAssignedToSrcAttribute

Holds if sink is assigned to the attribute name of any HTML element.

isCreateElementNode

Holds if call creates a tag of kind name.

isCreateScriptNodeWoIntegrityCheck

Holds if createCall creates a <script ../> element which never has its integrity attribute set locally.

urlTrackedFromUnsafeSourceLiteral

Holds a dataflow node is traked from an untrusted source.

urlTrackedFromUnsafeSourceLiteral

Holds if t tracks a URL that is loaded from an untrusted source.

Classes

IframeOrScriptSrcAssignment

A script or iframe element that refers to untrusted content.