CodeQL library for JavaScript/TypeScript
codeql/javascript-all 1.1.3

Module UnsafeJQueryPlugin

Import path

import semmle.javascript.security.dataflow.UnsafeJQueryPluginCustomizations

Predicates

isLikelyIntentionalHtmlSink

Holds if there exists a jQuery plugin that likely expects sink to be treated as an HTML fragment.

Classes

AmbiguousHtmlOrSelectorArgument

An argument that may act as an HTML fragment rather than a CSS selector, as a sink for remote unsafe jQuery plugins.

AmbiguousHtmlOrSelectorArgumentAsSink

An argument that may act as an HTML fragment rather than a CSS selector, as a sink for remote unsafe jQuery plugins.

IntentionalHtmlFragmentHint

A hint that a value is expected to be treated as an HTML fragment later.

IsElementSanitizer

An expression of the form isElement(x), which sanitizes x.

JQueryPluginOptions

The client-provided options object for a jQuery plugin.

JQueryPluginOptionsAsSource

The client-provided options object for a jQuery plugin, considered as a source for unsafe jQuery plugins.

NumberGuard

A guard that checks whether x is a number.

PropertyPresenceSanitizer

An expression like typeof x.<?> !== "undefined" or x.<?>, which sanitizes x, as it is unlikely to be a string afterwards.

Sanitizer

A sanitizer for unsafe jQuery plugins.

Sink

A data flow sink for unsafe jQuery plugins.

Source

A data flow source for unsafe jQuery plugins.