Skip to content

Commit 42f32bf

Browse files
asgerfasgerf
committed
JS: Recognize calls to .item and .namedItem
1 parent 696d19c commit 42f32bf

File tree

3 files changed

+8
-0
lines changed

3 files changed

+8
-0
lines changed

javascript/ql/src/semmle/javascript/DOM.qll

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -340,6 +340,9 @@ module DOM {
340340
t.start() and
341341
result = domValueSource()
342342
or
343+
t.start() and
344+
result = domValueRef().getAMethodCall(["item", "namedItem"])
345+
or
343346
exists(DataFlow::TypeTracker t2 | result = domValueRef(t2).track(t2, t))
344347
}
345348

javascript/ql/test/library-tests/DOM/Customizations.expected

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,11 @@
11
test_documentRef
22
| customization.js:2:13:2:31 | customGetDocument() |
3+
| nameditems.js:1:1:1:8 | document |
34
test_locationRef
45
| customization.js:3:3:3:14 | doc.location |
56
test_domValueRef
67
| customization.js:4:3:4:28 | doc.get ... 'test') |
8+
| nameditems.js:1:1:1:30 | documen ... ('foo') |
9+
| nameditems.js:1:1:2:19 | documen ... em('x') |
710
| tst.js:49:3:49:8 | window |
811
| tst.js:50:3:50:8 | window |

javascript/ql/test/library-tests/DOM/nameditems.js

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
document.getElementById('foo')
2+
.namedItem('x');

0 commit comments

Comments
 (0)