CodeQL library for JavaScript
codeql/javascript-all 0.3.4 (changelog, source)
Search

Predicate UnsafeHtmlConstruction::domBasedTaintStep

Holds if there is a taint step from pred to succ for DOM strings/nodes. These steps are mostly relevant for DOM nodes that are created by an XML parser.

Import path

import semmle.javascript.security.dataflow.UnsafeHtmlConstructionCustomizations
predicate domBasedTaintStep(Node pred, SourceNode succ)