For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

ReflectedXss

Module ReflectedXssCustomizations


                                import semmle.javascript.security.dataflow.ReflectedXssCustomizations

getANonHtmlHeaderDefinition	DEPRECATED: Gets a HeaderDefinition that defines a non-html content-type for `send`.
getAXssSafeHeaderDefinition	Gets a HeaderDefinition that defines a XSS safe content-type for `send`.
headerAffects	Holds if a header set in `header` is likely to affect a response sent at `sender`.
isLocalHeaderDefinition	Holds if the HeaderDefinition `header` seems to be local. A HeaderDefinition is local if it dominates exactly one `ResponseSendArgument`.
nonHtmlContentTypeHeader	DEPRECATED: Holds if `h` may send a response with a content type other than HTML.
xssSafeContentTypeHeader	Holds if `h` may send a response with a content type that is safe for XSS.
xssUnsafeContentType	Gets a content-type that may lead to javascript code being executed in the browser. ref: https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#content-types

HttpResponseSink	An expression that is sent as part of an HTTP response, considered as an XSS sink.
Sanitizer	A sanitizer for reflected XSS vulnerabilities.
Sink	A data flow sink for reflected XSS vulnerabilities.
Source	A data flow source for reflected XSS vulnerabilities.
ThirdPartyRequestInputAccessAsSource	A third-party controllable request input, considered as a flow source for reflected XSS.