CodeQL library for JavaScript
codeql/javascript-all 0.4.1 (changelog, source)
Search

Predicate ReflectedXss::xssSafeContentTypeHeader

Holds if h may send a response with a content type that is safe for XSS.

Import path

import semmle.javascript.security.dataflow.ReflectedXssCustomizations
HeaderDefinition xssSafeContentTypeHeader(RouteHandler h)