Module UnsafeJQueryPlugin
Import path
import semmle.javascript.security.dataflow.UnsafeJQueryPluginCustomizations
Predicates
isLikelyIntentionalHtmlSink | Holds if there exists a jQuery plugin that likely expects |
Classes
AmbiguousHtmlOrSelectorArgument | An argument that may act as an HTML fragment rather than a CSS selector, as a sink for remote unsafe jQuery plugins. |
AmbiguousHtmlOrSelectorArgumentAsSink | An argument that may act as an HTML fragment rather than a CSS selector, as a sink for remote unsafe jQuery plugins. |
IntentionalHtmlFragmentHint | A hint that a value is expected to be treated as an HTML fragment later. |
IsElementSanitizer | An expression of form |
JQueryPluginOptions | The client-provided options object for a jQuery plugin. |
JQueryPluginOptionsAsSource | The client-provided options object for a jQuery plugin, considered as a source for unsafe jQuery plugins. |
NumberGuard | A guard that checks whether |
PropertyPresenceSanitizer | An expression like |
Sanitizer | A sanitizer for unsafe jQuery plugins. |
Sink | A data flow sink for unsafe jQuery plugins. |
Source | A data flow source for unsafe jQuery plugins. |