CodeQL library for JavaScript
Search

Predicate UnsafeHtmlConstruction::domBasedTaintStep

Holds if there is a taint step from pred to succ for DOM strings/nodes. These steps are mostly relevant for DOM nodes that are created by an XML parser.

Import path

import semmle.javascript.security.dataflow.UnsafeHtmlConstructionCustomizations
predicate domBasedTaintStep(Node pred, SourceNode succ)