CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.6.1-dev (changelog, source)
Index
Search

Module IncompleteHtmlAttributeSanitizationQuery

Provides a taint tracking configuration for reasoning about incomplete HTML sanitization vulnerabilities.

Note, for performance reasons: only import this file if IncompleteHtmlAttributeSanitization::Configuration is needed, otherwise IncompleteHtmlAttributeSanitizationCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.IncompleteHtmlAttributeSanitizationQuery

Imports

IncompleteHtmlAttributeSanitization
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

DEPRECATED. Use the IncompleteHtmlAttributeSanitizationFlow module instead.

Modules

IncompleteHtmlAttributeSanitizationConfig

A taint-tracking configuration for reasoning about incomplete HTML sanitization vulnerabilities.

Aliases

IncompleteHtmlAttributeSanitizationFlow

Taint-tracking for reasoning about incomplete HTML sanitization vulnerabilities.