CodeQL library for JavaScript

Module UnsafeJQueryPlugin

Import path

import semmle.javascript.security.dataflow.UnsafeJQueryPluginCustomizations

Predicates

isLikelyIntentionalHtmlSink

Holds if there exists a jQuery plugin that likely expects sink to be treated as an HTML fragment.

Classes

AmbiguousHtmlOrSelectorArgument

An argument that may act as an HTML fragment rather than a CSS selector, as a sink for remote unsafe jQuery plugins.

AmbiguousHtmlOrSelectorArgumentAsSink

An argument that may act as an HTML fragment rather than a CSS selector, as a sink for remote unsafe jQuery plugins.

IntentionalHtmlFragmentHint

A hint that a value is expected to be treated as an HTML fragment later.

IsElementSanitizer

An expression of the form isElement(x), which sanitizes x.

JQueryPluginOptions

The client-provided options object for a jQuery plugin.

JQueryPluginOptionsAsSource

The client-provided options object for a jQuery plugin, considered as a source for unsafe jQuery plugins.

PropertyPresenceSanitizer

An expression like typeof x.<?> !== "undefined" or x.<?>, which sanitizes x, as it is unlikely to be a string afterwards.

Sanitizer

A sanitizer for unsafe jQuery plugins.

Sink

A data flow sink for unsafe jQuery plugins.

Source

A data flow source for unsafe jQuery plugins.