CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.5.0 (changelog, source)
Index
Search

Predicate TaintedUrlSuffix::isAdditionalFlowStep

Holds if there is a flow step node1 -> node2 involving the URL suffix flow state.

This handles steps through string operations, promises, URL parsers, and URL accessors.

Import path

import semmle.javascript.security.TaintedUrlSuffixCustomizations
predicate isAdditionalFlowStep(Node node1, FlowState state1, Node node2, FlowState state2)