CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.9 (changelog, source)
Search

Module RemotePropertyInjectionCustomizations

Provides default sources, sinks and sanitizers for reasoning about injections in property names, used either for writing into a property, into a header or for calling an object’s method, as well as extension points for adding your own.

Import path

import semmle.javascript.security.dataflow.RemotePropertyInjectionCustomizations

Imports

Express

Provides classes for working with Express applications.

PropertyInjectionShared

Provides predicates for reasoning about flow of user-controlled values that are used as property names.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Modules