Module DomBasedXssQuery
Provides a taint-tracking configuration for reasoning about DOM-based cross-site scripting vulnerabilities.
Import path
import semmle.javascript.security.dataflow.DomBasedXssQuery
Imports
DomBasedXss | |
javascript | Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML. |
Classes
Configuration | A taint-tracking configuration for reasoning about XSS. Both ordinary HTML sinks, URL sinks, and JQuery selector based sinks. - HTML sinks are sinks for any tainted value - URL sinks are only sinks when the scheme is user controlled - JQuery selector sinks are sinks when the tainted value can start with |
HtmlSink | A sink that is not a URL write or a JQuery selector, assumed to be a value that is interpreted as HTML. |