github
/
codeql-learninglab-actions
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

step 10

This commit is contained in:
Xavier RENE-CORAIL 2020-08-28 09:56:59 -07:00
Родитель e3777338ac
Коммит d5e5780a54
3 изменённых файлов: 35 добавлений и 1 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

27
courses/javascript/unsafe-jquery/answers/final.ql Normal file
Просмотреть файл

@ -0,0 +1,27 @@
/**
* @name Cross-site scripting vulnerable plugin
* @kind path-problem
* @id js/xss-unsafe-plugin
*/
import javascript
import DataFlow::PathGraph
class Configuration extends TaintTracking::Configuration {
Configuration() { this = "XssUnsafeJQueryPlugin" }
override predicate isSource(DataFlow::Node source) {
exists(DataFlow::FunctionNode plugin |
plugin = jquery().getAPropertyRead("fn").getAPropertySource() and
source = plugin.getLastParameter()
)
}
override predicate isSink(DataFlow::Node sink) {
sink = jquery().getACall().getArgument(0)
}
}
from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
select sink, source, sink, "Potential XSS vulnerability in plugin."

3
courses/javascript/unsafe-jquery/image/config/config.json
Просмотреть файл

@ -8,6 +8,7 @@
"property-read.ql": "property-read.csv",
"jquery-plugins.ql": "jquery-plugins.csv",
"plugin-options.ql": "plugin-options.csv",
"sources.ql": "sources.csv"
"sources.ql": "sources.csv",
"final.ql": "final.csv"
}
}

6
courses/javascript/unsafe-jquery/image/config/final.csv Normal file
Просмотреть файл

@ -0,0 +1,6 @@
"sink","URL for sink","source","URL for source","sink","URL for sink","col3"
"this.options.target","file:///opt/src/js/affix.js:19:22:19:40","option","file:///opt/src/js/affix.js:119:19:119:24","this.options.target","file:///opt/src/js/affix.js:19:22:19:40","Potential XSS vulnerability in plugin."
"this.options.parent","file:///opt/src/js/collapse.js:140:14:140:32","option","file:///opt/src/js/collapse.js:170:19:170:24","this.options.parent","file:///opt/src/js/collapse.js:140:14:140:32","Potential XSS vulnerability in plugin."
"selector","file:///opt/src/js/scrollspy.js:113:20:113:27","option","file:///opt/src/js/scrollspy.js:136:19:136:24","selector","file:///opt/src/js/scrollspy.js:113:20:113:27","Potential XSS vulnerability in plugin."
"this.selector","file:///opt/src/js/scrollspy.js:127:7:127:19","option","file:///opt/src/js/scrollspy.js:136:19:136:24","this.selector","file:///opt/src/js/scrollspy.js:127:7:127:19","Potential XSS vulnerability in plugin."
"$.isFun ... ewport)","file:///opt/src/js/tooltip.js:54:49:54:193","option","file:///opt/src/js/tooltip.js:494:19:494:24","$.isFun ... ewport)","file:///opt/src/js/tooltip.js:54:49:54:193","Potential XSS vulnerability in plugin."
1 sink URL for sink source URL for source sink URL for sink col3
2 this.options.target file:///opt/src/js/affix.js:19:22:19:40 option file:///opt/src/js/affix.js:119:19:119:24 this.options.target file:///opt/src/js/affix.js:19:22:19:40 Potential XSS vulnerability in plugin.
3 this.options.parent file:///opt/src/js/collapse.js:140:14:140:32 option file:///opt/src/js/collapse.js:170:19:170:24 this.options.parent file:///opt/src/js/collapse.js:140:14:140:32 Potential XSS vulnerability in plugin.
4 selector file:///opt/src/js/scrollspy.js:113:20:113:27 option file:///opt/src/js/scrollspy.js:136:19:136:24 selector file:///opt/src/js/scrollspy.js:113:20:113:27 Potential XSS vulnerability in plugin.
5 this.selector file:///opt/src/js/scrollspy.js:127:7:127:19 option file:///opt/src/js/scrollspy.js:136:19:136:24 this.selector file:///opt/src/js/scrollspy.js:127:7:127:19 Potential XSS vulnerability in plugin.
6 $.isFun ... ewport) file:///opt/src/js/tooltip.js:54:49:54:193 option file:///opt/src/js/tooltip.js:494:19:494:24 $.isFun ... ewport) file:///opt/src/js/tooltip.js:54:49:54:193 Potential XSS vulnerability in plugin.