Module UnsafeHtmlConstruction
Module containing sources, sinks, and sanitizers for unsafe HTML constructed from library input.
Import path
import semmle.javascript.security.dataflow.UnsafeHtmlConstructionCustomizations
Predicates
domBasedTaintStep | Holds if there is a taint step from |
isUsedInXssSink | Gets a dataflow node that flows to |
Classes
ExternalInputSource | A parameter of an exported function, seen as a source for unsafe HTML constructed from input. |
HtmlConcatenationSink | A string-concatenation of HTML, where the result is used as an XSS sink. |
JQueryPluginOptionsAsSource | A jQuery plugin options object, seen as a source for unsafe HTML constructed from input. |
MarkdownSink | A string rendered as markdown, where the rendering preserves HTML. |
Sink | A sink for unsafe HTML constructed from library input. This sink transforms its input into a value that can cause XSS if it ends up in an XSS sink. |
Source | A source for unsafe HTML constructed from library input. |
TypeTestGuard | A test for the value of |
XmlParsedSink | A string parsed as XML, which is later used in an XSS sink. |
XssSink | A sink for |