CodeQL library for JavaScript
codeql/javascript-all 0.4.1 (changelog, source)
Search

Predicate ReflectedXss::xssUnsafeContentType

Gets a content-type that may lead to javascript code being executed in the browser. ref: https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#content-types

Import path

import semmle.javascript.security.dataflow.ReflectedXssCustomizations
string xssUnsafeContentType()