Module Shared
Provides classes and predicates shared between the XSS queries.
Import path
import semmle.javascript.security.dataflow.Xss
Classes
ContainsHtmlGuard | A sanitizer guard that checks for the existence of HTML chars in a string. E.g. |
IsEscapedInSwitchSanitizer | An expression that is sanitized by a switch-case. |
MetacharEscapeSanitizer | A global regexp replacement involving the |
QuoteGuard | A guard that checks if a string can contain quotes, which is a guard for strings that are inside an HTML attribute. |
Sanitizer | A sanitizer for XSS vulnerabilities. |
SerializeJavascriptSanitizer | A call to |
Sink | A data flow sink for XSS vulnerabilities. |
Source | A data flow source for XSS vulnerabilities. |
UriEncodingSanitizer | A call to |