CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.13

Module StoredXss

Provides default sources, sinks and sanitizers for reasoning about stored cross-site scripting vulnerabilities.

Import path

import semmle.javascript.security.dataflow.StoredXssCustomizations

Classes

FileNameSourceAsSource

A file name, considered as a flow source for stored XSS.

Sanitizer

A sanitizer for stored XSS vulnerabilities.

Sink

A data flow sink for stored XSS vulnerabilities.

Source

A data flow source for stored XSS vulnerabilities.

UserControlledTorrentInfoAsSource

An instance of user-controlled torrent information, considered as a flow source for stored XSS.