Module Shared
Provides classes and predicates shared between the XSS queries.
Import path
import semmle.javascript.security.dataflow.Xss
Classes
ContainsHTMLGuard | A sanitizer guard that checks for the existence of HTML chars in a string. E.g. |
IsEscapedInSwitchSanitizer | An expression that is sanitized by a switch-case. |
MetacharEscapeSanitizer | A regexp replacement involving an HTML meta-character, viewed as a sanitizer for XSS vulnerabilities. |
QuoteGuard | A guard that checks if a string can contain quotes, which is a guard for strings that are inside a HTML attribute. |
Sanitizer | A sanitizer for XSS vulnerabilities. |
SanitizerGuard | A sanitizer guard for XSS vulnerabilities. |
Sink | A data flow sink for XSS vulnerabilities. |
Source | A data flow source for XSS vulnerabilities. |
UriEncodingSanitizer | A call to |