Module DomBasedXss

Provides a taint-tracking configuration for reasoning about DOM-based cross-site scripting vulnerabilities.

Import path

semmle.javascript.security.dataflow.DomBasedXss

Imports

RemoteFlowSources

Provides a class for modelling sources of remote user input.

jQuery

Provides classes for working with jQuery code.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Modules

Aliases

XssDataFlowConfiguration

DEPRECATED: Use DomBasedXss::Configuration instead.

XssSanitizer

DEPRECATED: Use DomBasedXss::Sanitizer instead.

XssSink

DEPRECATED: Use DomBasedXss::Sink instead.

XssSource

DEPRECATED: Use DomBasedXss::Source instead.