Change from getParameter() to getArgument()

aegilops · aegilops · commit 8dac00aa832c · 2025-01-06T15:43:47.000Z
diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssCustomizations.qll
@@ -266,7 +266,7 @@ module DomBasedXss {
               .getMember("setProperty")
               .getACall() and
         this = setProperty.getParameter(2).asSink() and
-        setProperty.getParameter(1).asSink().asExpr().(StringLiteral).getValue() = "innerHTML"
+        setProperty.getArgument(1).getStringValue() = "innerHTML"
       )
     }
   }

Original file line number	Diff line number	Diff line change
`@@ -266,7 +266,7 @@ module DomBasedXss {`
`266`	`266`	`.getMember("setProperty")`
`267`	`267`	`.getACall() and`
`268`	`268`	`this = setProperty.getParameter(2).asSink() and`
`269`		`- setProperty.getParameter(1).asSink().asExpr().(StringLiteral).getValue() = "innerHTML"`
	`269`	`+ setProperty.getArgument(1).getStringValue() = "innerHTML"`
`270`	`270`	`)`
`271`	`271`	`}`
`272`	`272`	`}`