1 parent d016ba2 commit 503b339Copy full SHA for 503b339
1 file changed
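--- a/javascript/ql/src/experimental/Security/CWE-073/TemplateObjectInjection.ql
+++ b/javascript/ql/src/experimental/Security/CWE-073/TemplateObjectInjection.ql
@@ -14,10 +14,6 @@ import javascript
 import DataFlow::PathGraph
 import semmle.javascript.security.TaintedObject
 
-predicate isUsingHbsEngine() {
- Express::appCreation().getAMethodCall("set").getArgument(1).mayHaveStringValue("hbs")
-}
-
 class TemplateObjInjectionConfig extends TaintTracking::Configuration {
 TemplateObjInjectionConfig() { this = "TemplateObjInjectionConfig" }
 
@@ -32,8 +28,7 @@ class TemplateObjInjectionConfig extends TaintTracking::Configuration {
 
 exists(MethodCallExpr mc |
 Express::isResponse(mc.getReceiver()) and
 mc.getMethodName() = "render" and
- sink.asExpr() = mc.getArgument(1) and
- isUsingHbsEngine()
+ sink.asExpr() = mc.getArgument(1)
 )
 }
 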
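Review bot: The sink now matches the second argument of every Express `res.render` call, because the `isUsingHbsEngine()` conjunct is dropped from the `exists` on the new side, but nothing in the file records that the query is no longer engine-specific. If covering all view engines is the intent, a QLDoc comment on the sink predicate such as `/** Holds if sink is the data object passed to res.render, for any view engine. */` would make that explicit to the next maintainer; if it is not, a less hbs-specific engine check may need to replace the removed one, since the result set presumably grows for applications whose engine does not use this object in an injectable way. The enclosing predicate begins outside the hunk, so its current documentation is not visible here.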