CodeQL library for JavaScript
Search

Module DomBasedXssQuery

Provides a taint-tracking configuration for reasoning about DOM-based cross-site scripting vulnerabilities.

Import path

import semmle.javascript.security.dataflow.DomBasedXssQuery

Imports

DomBasedXss
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

HtmlInjectionConfiguration

A taint-tracking configuration for reasoning about XSS.

JQueryHtmlOrSelectorInjectionConfiguration

A taint-tracking configuration for reasoning about injection into the jQuery $ function or similar, where the interpretation of the input string depends on its first character.

Aliases

Configuration

DEPRECATED. Use HtmlInjectionConfiguration or JQueryHtmlOrSelectorInjectionConfiguration.

VHtmlSourceWrite

DEPRECATED. Use Vue::VHtmlSourceWrite instead.