From f48b47c656cfe727ce77bdc457f12ba7aaee7f8d Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Sun, 8 Oct 2023 19:50:05 +0200
Subject: [PATCH] JavaScript: add import that populate the shared abstract
 classes

---
 .../ql/lib/semmle/javascript/security/dataflow/Xss.qll     | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/Xss.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/Xss.qll
index 22feaca99eb..fc2db8e9f87 100644
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/Xss.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/Xss.qll
@@ -20,6 +20,13 @@ module Shared {
     string getVulnerabilityKind() { result = "Cross-site scripting" }
   }
 
+  // import the various XSS query customizations, they populate the shared classes
+  private import DomBasedXssCustomizations
+  private import ReflectedXssCustomizations
+  private import StoredXssCustomizations
+  private import XssThroughDomCustomizations
+  private import ExceptionXssCustomizations
+
   /** A sanitizer for XSS vulnerabilities. */
   abstract class Sanitizer extends DataFlow::Node { }