CodeQL library for JavaScript
Search

Module XxeQuery

Provides a taint tracking configuration for reasoning about XML External Entity (XXE) vulnerabilities.

Note, for performance reasons: only import this file if Xxe::Configuration is needed, otherwise XxeCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.XxeQuery

Imports

Xxe
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

A taint-tracking configuration for reasoning about XXE vulnerabilities.