CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.6.1-dev (changelog, source)
Index
Search

Class StaticCreation::CdnScriptElementWithUntrustedContent

A script element that refers to untrusted content.

Import path

import semmle.javascript.security.FunctionalityFromUntrustedSource

Direct supertypes

Indirect supertypes

Predicates

getProblem

Gets an explanation why this source is untrusted.

getUrl

Gets the URL of the untrusted source.

Inherited predicates

getAPrimaryQlClass

Gets the primary QL class for the Locatable.

from ScriptElement
getAnAttribute

Gets an attribute of this element.

from Element
getAttribute

Gets the ith attribute (0-based) of this element.

from Element
getAttributeByName

Gets an attribute of this element that has the given name.

from Element
getChild

Gets a child element of this element.

from Element
getChild

Gets the ith child element (0-based) of this element.

from Element
getDocument

Gets the root HTML document element in which this element is contained.

from Element
getEndLine

Gets the line on which this element ends.

from Locatable
getFile

Gets the file this program element comes from.

from Locatable
getIntegrityDigest

Gets the value of the integrity attribute.

from ScriptElement
getLocation

Gets this element’s location.

from Locatable
getName

Gets the name of this HTML element.

from Element
getNumLines

Gets the number of lines covered by this element.

from Locatable
getParent

Gets the parent element of this element, if any.

from Element
getPrimaryQlClasses

Gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs.

from Locatable
getRoot

Gets the root element in which this element is contained.

from Element
getScript

Gets the script of this element, if it can be determined.

from ScriptElement
getSearchRoot

Gets the folder relative to which the src attribute is resolved.

from ScriptElement
getSourcePath

Gets the value of the src attribute.

from ScriptElement
getStartLine

Gets the line on which this element starts.

from Locatable
isTopLevel

Holds if this is a toplevel element, that is, if it does not have a parent element.

from Element
resolveSource

Gets the script referred to by the src attribute, if it can be determined.

from ScriptElement
resolveSourcePath

Gets the absolute file system path the value of the src attribute of this script tag resolves to, if any.

from ScriptElement
toString

Gets a textual representation of this element.

from Element

Charpred

CdnScriptElementWithUntrustedContent