CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.6.21-dev (changelog, source)
Index
Search

Module XmlBombQuery

Provides a taint tracking configuration for reasoning about XML-bomb vulnerabilities.

Note, for performance reasons: only import this file if XmlBomb::Configuration is needed, otherwise XmlBombCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.XmlBombQuery

Imports

XmlBomb
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

DEPRECATED. Use the XmlBombFlow module instead.

Modules

XmlBombConfig

A taint-tracking configuration for reasoning about XML-bomb vulnerabilities.

Aliases

XmlBombFlow

Taint-tracking for reasoning about XML-bomb vulnerabilities.