CodeQL library for JavaScript
Search

Predicate ClientSideUrlRedirect::untrustedUrlSubstring

Holds if substring refers to a substring of base which is considered untrusted when base is the current URL.

Import path

import semmle.javascript.security.dataflow.ClientSideUrlRedirectCustomizations
predicate untrustedUrlSubstring(Node base, Node substring)