CodeQL library for JavaScript/TypeScript
codeql/javascript-all 1.1.2-dev (changelog, source)
Index
Search

Module CodeInjectionQuery

Provides a taint-tracking configuration for reasoning about code injection vulnerabilities.

Note, for performance reasons: only import this file if CodeInjection::Configuration is needed, otherwise CodeInjectionCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.CodeInjectionQuery

Imports

CodeInjection
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

A taint-tracking configuration for reasoning about code injection vulnerabilities.