CodeQL library for JavaScript
codeql/javascript-all 0.7.4 ( changelog , source )
Search

Predicate UnsafeHtmlConstruction :: domBasedTaintStep

Holds if there is a taint step from pred to succ for DOM strings/nodes. These steps are mostly relevant for DOM nodes that are created by an XML parser.

Import path

import semmle.javascript.security.dataflow.UnsafeHtmlConstructionCustomizations
predicate domBasedTaintStep ( Node pred , SourceNode succ )