File tree Expand file tree Collapse file tree
javascript/ql/lib/semmle/javascript/security/dataflow Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -170,10 +170,12 @@ deprecated module StoredXss {
170170 import StoredXssCustomizations:: StoredXss
171171}
172172
173- /** Provides classes and predicates for the XSS through DOM query. */
174- module XssThroughDom {
175- /** A data flow source for XSS through DOM vulnerabilities. */
176- abstract class Source extends Shared:: Source { }
173+ /**
174+ * DEPRECATED: Use the `XssThroughDomCustomizations.qll` file instead.
175+ * Provides classes and predicates for the XSS through DOM query.
176+ */
177+ deprecated module XssThroughDom {
178+ import XssThroughDomCustomizations:: XssThroughDom
177179}
178180
179181/** Provides classes for customizing the `ExceptionXss` query. */
Original file line number Diff line number Diff line change @@ -9,10 +9,13 @@ import javascript
99 * Sources for cross-site scripting vulnerabilities through the DOM.
1010 */
1111module XssThroughDom {
12- import Xss:: XssThroughDom
12+ private import Xss:: Shared as Shared
1313 private import semmle.javascript.dataflow.InferredTypes
1414 private import semmle.javascript.security.dataflow.DomBasedXssCustomizations
1515
16+ /** A data flow source for XSS through DOM vulnerabilities. */
17+ abstract class Source extends Shared:: Source { }
18+
1619 /**
1720 * Gets an attribute name that could store user-controlled data.
1821 *
Original file line number Diff line number Diff line change 55
66import javascript
77private import semmle.javascript.dataflow.InferredTypes
8- import Xss:: XssThroughDom
98private import XssThroughDomCustomizations:: XssThroughDom
109private import semmle.javascript.security.dataflow.DomBasedXssCustomizations
1110private import semmle.javascript.security.dataflow.UnsafeJQueryPluginCustomizations:: UnsafeJQueryPlugin as UnsafeJQuery
You can’t perform that action at this time.
0 commit comments