CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.12 (changelog, source)
Search

Module PropertyInjection

Import path

import semmle.javascript.security.dataflow.PropertyInjectionShared

Predicates

hasUnsafeMethods

Holds if the methods of the given value are unsafe, such as eval.

isPrototypeLessObject

Holds if the node is of form Object.create(null) and so it has no prototype.