CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.13 (changelog, source)

Predicate hostnameSanitizingPrefixEdge

Holds if data that flows from source to sink cannot affect the hostname or scheme of the resulting string when interpreted as a URL.

This is considered a sanitizing edge for the URL redirection queries.

Import path

import semmle.javascript.security.dataflow.UrlConcatenation
predicate hostnameSanitizingPrefixEdge(Node source, Node sink)
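
The property this predicate describes can be observed at runtime: in a concatenation `prefix + data`, some constant prefixes fix the scheme and hostname of the result no matter what `data` is, and others do not. The following is an added example, not code from the CodeQL library and not how the predicate is implemented; `BASE`, the probe strings, the prefixes and all function names are constructed for illustration.

```javascript
// Added illustration, not CodeQL library code: a runtime check of the property
// the predicate describes, using the WHATWG URL parser built into Node.js.

// Constructed page URL against which relative strings are resolved.
const BASE = "https://app.example/account/";

// Constructed stand-ins for untrusted data appended after a constant prefix.
const PROBES = [
  "next", "evil.example/x", ".evil.example/x", "@evil.example/x",
  "/evil.example/x", "//evil.example/x", "\\evil.example/x",
  "mailto:x@evil.example",
];

// Scheme and host of `str` as a browser would resolve it, or null if invalid.
function schemeAndHost(str) {
  try {
    const u = new URL(str, BASE);
    return u.protocol + "//" + u.host;
  } catch {
    return null;
  }
}

// True if no probe appended to `prefix` changes the scheme or host that the
// prefix alone resolves to. A prefix that is not a valid URL by itself
// (for example "https://") fixes nothing, so it is reported as false.
function prefixFixesHost(prefix) {
  const expected = schemeAndHost(prefix);
  if (expected === null) return false;
  return PROBES.every((p) => schemeAndHost(prefix + p) === expected);
}

// Constructed concatenation prefixes, as in `prefix + data`.
const PREFIXES = ["", "/", "/app/", "?next=", "#", "https://",
  "https://example.com", "https://example.com/", "https://example.com/?u="];

function report() {
  return PREFIXES.map((p) => [p, prefixFixesHost(p)]);
}

for (const [prefix, fixed] of report()) {
  console.log(JSON.stringify(prefix).padEnd(28), fixed ? "host fixed" : "host controllable");
}
```

The probe list is finite, so a `true` result is evidence rather than proof; the predicate reasons statically about the concatenation instead.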