[Fall 2021] Step 2: Coverage Improvement - Expand XSS regex to cover javascript: URLs
#53
Labels
coverage improvement
Adds coverage improvement for missing model or rule in Pysa
Fall 2021
Issues related to the Pysa project for MLH Fellowship cohort of Fall 2021
step 2
Level 2 project for MLH Fall 2021
Comments
onionymous
added
coverage improvement
onionymous
changed the title
javascript: URLsjavascript: URLs
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Pysa supports string literals as implicit sources/sinks.
We currently look for strings with
<>in them to detect potential HTML injection sinks (see https://github.com/facebook/pyre-check/blob/d82759a1f1ce5467aa2250708b226790c046f207/stubs/taint/core_privacy_security/taint.config#L652) and have a rule forUserControlleddata going to these implicit sinks.Sometimes in Python code we also see the
javascript:pseudo-protocol URLs which can also be an XSS sink.The goal is to improve this regex and add detection for
javascript:URLs, as well as any other improvements you can think of!Submitting a PR
We use the following linters internally, so to save everyone's time, please make sure you run the following linters locally and fix errors related to the files you modified before submitting a PR:
To install the linters, you can run the following command:
The text was updated successfully, but these errors were encountered: