Module DomBasedXss
Import path

```ql
import semmle.javascript.security.dataflow.DomBasedXssCustomizations
```
Predicates
| Name | Description |
| --- | --- |
| isOptionallySanitizedNode | Holds if |
| isPrefixOfJQueryHtmlString | Holds if |
| prefixLabel | Gets the flow-label representing tainted values where the prefix is attacker controlled. |
Classes
| Name | Description |
| --- | --- |
| DangerouslySetInnerHtmlSink | A React |
| DomSink | An expression whose value is interpreted as HTML or CSS and may be inserted into the DOM. |
| EmailHtmlBodySink | The HTML body of an email, viewed as an XSS sink. |
| HtmlParserSink | An expression whose value is interpreted as HTML. |
| JQueryHtmlOrSelectorArgument | An argument to the jQuery |
| JQueryHtmlOrSelectorSink | An argument to the jQuery |
| LibrarySink | An expression whose value is interpreted as HTML and may be inserted into the DOM through a library. |
| PrefixString | A flow-label representing tainted values where the prefix is attacker controlled. |
| PrefixStringSanitizer | A sanitizer that blocks the |
| RemoteFlowSourceAsSource | DEPRECATED: Use |
| SafePipe | A value being piped into the |
| SafePropertyReadSanitizer | A property read from a safe property is considered a sanitizer. |
| Sanitizer | A sanitizer for DOM-based XSS vulnerabilities. |
| Sink | A data flow sink for DOM-based XSS vulnerabilities. |
| Source | A data flow source for DOM-based XSS vulnerabilities. |
| TemplateSink | A raw interpolation tag in a template file, viewed as an XSS sink. |
| TooltipSink | A React tooltip where the |
| VHtmlSink | A Vue |
| VueCreateElementSink | The tag name argument to the |
| VueTemplateSink | A write to the |
| WriteUrlSink | A write to a URL which may execute JavaScript code. |
Aliases
| Name | Description |
| --- | --- |
| ClientSideUrlRedirect | |
| isOptionallySanitizedEdge | DEPRECATED. Use |