CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.6.21-dev (changelog, source)
Index
Search

Module DomBasedXssQuery

Provides a taint-tracking configuration for reasoning about DOM-based cross-site scripting vulnerabilities.

Import path

import semmle.javascript.security.dataflow.DomBasedXssQuery

Imports

DomBasedXss
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

DEPRECATED. Use the DomBasedXssFlow module instead.

HtmlSink

A sink that is not a URL write or a JQuery selector, assumed to be a value that is interpreted as HTML.

Modules

DomBasedXssConfig

A taint-tracking configuration for reasoning about XSS by DOM manipulation.

Aliases

DomBasedXssFlow

Taint-tracking for reasoning about XSS by DOM manipulation.