For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

TaintedObject

Module TaintedObject

Provides classes and predicates for reasoning about deeply tainted objects.


                                import semmle.javascript.security.TaintedObject

Provides classes and predicates for reasoning about deeply tainted objects.

isSource	Holds if `node` is a source of JSON taint and label is the JSON taint label.
step	Holds for the flows steps that are relevant for tracking user-controlled JSON objects.

NumberGuard	A guard that checks whether `x` is a number.
SanitizerGuard	A sanitizer guard that blocks deep object taint.