CodeQL library for JavaScript
Search

Module ClientSideUrlRedirect

Import path

import semmle.javascript.security.dataflow.ClientSideUrlRedirect

Imports

Classes

Configuration

A taint-tracking configuration for reasoning about unvalidated URL redirections.

ElectronShellOpenExternalSink

Improper use of openExternal can be leveraged to compromise the user’s host. When openExternal is used with untrusted content, it can be leveraged to execute arbitrary commands.