CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.2.1-dev (changelog, source)
Search

Module PrototypePollutingAssignmentQuery

Provides a taint tracking configuration for reasoning about prototype-polluting assignments.

Note, for performance reasons: only import this file if PrototypePollutingAssignment::Configuration is needed, otherwise PrototypePollutingAssignmentCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.PrototypePollutingAssignmentQuery

Imports

PrototypePollutingAssignment

Provides sources, sinks, and sanitizers for reasoning about assignments that my cause prototype pollution.

Predicates

prototypeLessObject

Gets a data flow node referring to an object created with Object.create.

Classes

Configuration

A taint-tracking configuration for reasoning about prototype-polluting assignments.

NumberGuard

A guard that checks whether x is a number.