CodeQL library for JavaScript/TypeScript
codeql/javascript-all 1.1.2-dev (changelog, source)
Index
Search

Predicate UnsafeHtmlConstruction::domBasedTaintStep

Holds if there is a taint step from pred to succ for DOM strings/nodes. These steps are mostly relevant for DOM nodes that are created by an XML parser.

Import path

import semmle.javascript.security.dataflow.UnsafeHtmlConstructionCustomizations
predicate domBasedTaintStep(Node pred, SourceNode succ)