Provides a taint tracking configuration for reasoning about prototype-polluting assignments.
Note, for performance reasons: only import this file if
PrototypePollutingAssignment::Configuration is needed, otherwise
PrototypePollutingAssignmentCustomizations should be imported instead.
Import path
import semmle.javascript.security.dataflow.PrototypePollutingAssignmentQueryImports
| PrototypePollutingAssignment | Provides sources, sinks, and sanitizers for reasoning about assignments that my cause prototype pollution. |
Predicates
| prototypeLessObject | Gets a data flow node referring to an object created with |
Classes
| Configuration | A taint-tracking configuration for reasoning about prototype-polluting assignments. |
| NumberGuard | A guard that checks whether |