CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.15-dev (changelog, source)
Index
Search

Predicate TaintedUrlSuffix::step

Holds if there is a flow step src -> dst involving the URL suffix taint label.

This handles steps through string operations, promises, URL parsers, and URL accessors.

Import path

import semmle.javascript.security.TaintedUrlSuffix
predicate step(Node src, Node dst, FlowLabel srclbl, FlowLabel dstlbl)