add $.jGrowl as an XSS sink

erik-krogh · erik-krogh · commit 90652eeb25fe · 2020-04-23T10:44:41.000+02:00
diff --git a/javascript/ql/src/semmle/javascript/security/dataflow/Xss.qll b/javascript/ql/src/semmle/javascript/security/dataflow/Xss.qll
@@ -99,6 +99,8 @@ module DomBasedXss {
       this = any(Typeahead::TypeaheadSuggestionFunction f).getAReturn()
       or
       this = any(Handlebars::SafeString s).getAnArgument()
+      or
+      this = any(JQuery::MethodCall call | call.getMethodName() = "jGrowl").getArgument(0)
     }
   }
 

Original file line number	Diff line number	Diff line change
`@@ -99,6 +99,8 @@ module DomBasedXss {`
`99`	`99`	`this = any(Typeahead::TypeaheadSuggestionFunction f).getAReturn()`
`100`	`100`	`or`
`101`	`101`	`this = any(Handlebars::SafeString s).getAnArgument()`
	`102`	`+ or`
	`103`	`+ this = any(JQuery::MethodCall call \| call.getMethodName() = "jGrowl").getArgument(0)`
`102`	`104`	`}`
`103`	`105`	`}`
`104`	`106`