CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.0.2-dev (changelog, source)
Search

Module Shared

Provides classes and predicates shared between the XSS queries.

Import path

import semmle.javascript.security.dataflow.Xss

Classes

ContainsHtmlGuard

A sanitizer guard that checks for the existence of HTML chars in a string. E.g. /["'&<>]/.exec(str).

IsEscapedInSwitchSanitizer

An expression that is sanitized by a switch-case.

MetacharEscapeSanitizer

A global regexp replacement involving the <, ', or " meta-character, viewed as a sanitizer for XSS vulnerabilities.

QuoteGuard

A guard that checks if a string can contain quotes, which is a guard for strings that are inside an HTML attribute.

Sanitizer

A sanitizer for XSS vulnerabilities.

SerializeJavascriptSanitizer

A call to serialize-javascript, which prevents XSS vulnerabilities unless the unsafe option is set to true.

Sink

A data flow sink for XSS vulnerabilities.

Source

A data flow source for XSS vulnerabilities.

UriEncodingSanitizer

A call to encodeURI or encodeURIComponent, viewed as a sanitizer for XSS vulnerabilities.