File tree Expand file tree Collapse file tree 2 files changed +10
-10
lines changed
javascript/ql/lib/semmle/javascript/security/dataflow Expand file tree Collapse file tree 2 files changed +10
-10
lines changed Original file line number Diff line number Diff line change @@ -27,6 +27,16 @@ module StoredXss {
27
27
AnySink ( ) { this instanceof Shared:: Sink }
28
28
}
29
29
30
+ /** A file name, considered as a flow source for stored XSS. */
31
+ class FileNameSourceAsSource extends Source {
32
+ FileNameSourceAsSource ( ) { this instanceof FileNameSource }
33
+ }
34
+
35
+ /** An instance of user-controlled torrent information, considered as a flow source for stored XSS. */
36
+ class UserControlledTorrentInfoAsSource extends Source {
37
+ UserControlledTorrentInfoAsSource ( ) { this instanceof ParseTorrent:: UserControlledTorrentInfo }
38
+ }
39
+
30
40
/**
31
41
* A regexp replacement involving an HTML meta-character, viewed as a sanitizer for
32
42
* XSS vulnerabilities.
Original file line number Diff line number Diff line change @@ -28,16 +28,6 @@ class Configuration extends TaintTracking::Configuration {
28
28
}
29
29
}
30
30
31
- /** A file name, considered as a flow source for stored XSS. */
32
- class FileNameSourceAsSource extends Source {
33
- FileNameSourceAsSource ( ) { this instanceof FileNameSource }
34
- }
35
-
36
- /** An instance of user-controlled torrent information, considered as a flow source for stored XSS. */
37
- class UserControlledTorrentInfoAsSource extends Source {
38
- UserControlledTorrentInfoAsSource ( ) { this instanceof ParseTorrent:: UserControlledTorrentInfo }
39
- }
40
-
41
31
private class QuoteGuard extends TaintTracking:: SanitizerGuardNode , Shared:: QuoteGuard {
42
32
QuoteGuard ( ) { this = this }
43
33
}
You can’t perform that action at this time.
0 commit comments