CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.15-dev (changelog, source)

Predicate problems

Holds if `replace` has a pattern argument containing a regular expression `dangerous` which matches a dangerous string beginning with `prefix`. `msg` is the alert we report.

Import path

import semmle.javascript.security.IncompleteMultiCharacterSanitizationQuery
predicate problems(StringSubstitutionCall replace, string msg, EmptyReplaceRegExpTerm dangerous, string prefix)
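
The kind of call the description above refers to, shown as an added JavaScript example that is not part of the CodeQL library: a single-pass `replace` that removes a multi-character dangerous string with an empty replacement, beside a version that repeats the replacement until the string stops changing. The function names and sample inputs are constructed, and the three patterns are assumed examples of a "dangerous string".

```javascript
// Added example: constructed inputs, hypothetical function names.

// Single pass: every match is removed once, but the text on either side
// of a removed match can join up and form the same pattern again.
function stripOnce(input, pattern) {
  return input.replace(pattern, "");
}

// Repeat the same replacement until a pass changes nothing, so a match
// reassembled by an earlier removal is removed by a later pass.
function stripToFixpoint(input, pattern) {
  let previous;
  let current = input;
  do {
    previous = current;
    current = current.replace(pattern, "");
  } while (current !== previous);
  return current;
}

// Constructed samples: each input nests the pattern inside itself.
const cases = [
  { name: "script tag", pattern: /<script/gi, input: "<scr<scriptipt>x</script>" },
  { name: "HTML comment open", pattern: /<!--/g, input: "<!<!---- hidden -->" },
  { name: "path traversal", pattern: /\.\.\//g, input: "....//etc/app.conf" },
];

// Run both strategies over every sample and return the results side by side.
function compare() {
  return cases.map(({ name, pattern, input }) => ({
    name,
    once: stripOnce(input, pattern),
    fixpoint: stripToFixpoint(input, pattern),
    // True when the single pass left the dangerous string in its output.
    onceStillMatches: new RegExp(pattern.source, "i").test(stripOnce(input, pattern)),
  }));
}

for (const row of compare()) console.log(row);
```

In each row the single-pass output still contains the string the call was meant to remove, while the fixpoint output does not.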