-
Notifications
You must be signed in to change notification settings - Fork 1
Step 9 - Detecting untrusted data flow sources #15
Comments
📖 The
|
⌨️ Identify sourcesYou will transform the previous query you wrote to identify the places in the program which receive jQuery plugin options, into a predicate called Edit the file The You notice that below the Submit your query. import javascript
predicate isSource(DataFlow::Node source) {
exists(<TODO: declare temporary variables> |
<TODO: clause that identifies your source as a jquery plugin option>
)
}
from DataFlow::Node node
where isSource(node)
select node |
Step 9: Detecting the sources
We have now identified places in the program which receive jQuery plugin options, and which may be considered as sources of untrusted data. In this step we'll create a predicate that will hold true if a
DataFlow::Node
is such a source. This predicate will be helpful for our last query.The text was updated successfully, but these errors were encountered: