1 parent b321151 commit 0d598c4Copy full SHA for 0d598c4
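--- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeJQueryPluginQuery.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeJQueryPluginQuery.qll
@@ -23,6 +23,9 @@ class Configuration extends TaintTracking::Configuration {
 node instanceof DomBasedXss::Sanitizer
 or
 node instanceof Sanitizer
+ or
+ // Plugins usually do `$(this)` to coerce an existing DOM element to a jQuery object.
+ node instanceof DataFlow::ThisNode
 }
 
 override predicate isAdditionalTaintStep(DataFlow::Node src, DataFlow::Node sink) {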
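Review bot: The new `node instanceof DataFlow::ThisNode` disjunct is not restricted to the `this` of a plugin function, so it appears to cut tracking at every `this` reference this configuration reaches. That removes the `$(this)` false positives, but it may also hide real results where a plugin copies its options onto `this` and later passes a field of it to `$()`; whether such flows are still reported cannot be told from the visible lines. The comment should state that trade-off, for example `// `this` in a plugin is the element or jQuery object it was invoked on, not the options argument; treating it as a sanitizer may drop flows through fields stored on `this`.` The query tests should include one `$(this)` case expecting no alert and one options-stored-on-`this` case recording the expected result. The predicate this disjunction belongs to starts above the hunk.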