CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.6.3 (changelog, source)
Index
Search

Predicate DynamicCreation::isAssignedToSrcAttribute

Holds if sink is assigned to the attribute name of any HTML element.

Import path

import semmle.javascript.security.FunctionalityFromUntrustedSource
predicate isAssignedToSrcAttribute(string name, Node sink)