Skip to content

Adding URL related Taint Operations #350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
leeN merged 1 commit into from
Nov 26, 2025
Merged

Adding URL related Taint Operations #350

leeN merged 1 commit into from
Nov 26, 2025
+28 −1

Conversation

@tmbrbr
Copy link
Contributor

@tmbrbr tmbrbr commented Nov 26, 2025

Adding taint operations for the following operations:

  • URL.parse
  • URLSearchParams.get
  • URLSearchParams.getAll

So now the operations will show up in functions like this one:

function load() {
  let url = URL.parse(location.toString());
  let params = url.searchParams;
  let p1 = params.get("p1");
  let p2 = params.get("p2");
  let d = document.getElementById("target");
  d.innerHTML = p1+" "+p2;
}

@tmbrbr tmbrbr self-assigned this Nov 26, 2025
@tmbrbr tmbrbr requested a review from leeN November 26, 2025 11:38
leeN
leeN approved these changes Nov 26, 2025
View reviewed changes
Copy link
Collaborator

@leeN leeN left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@leeN
Copy link
Collaborator

leeN commented Nov 26, 2025

Looking at the CI, there seems to be a failure in taint/escape.js

I.e., the following log excerpt:

2025-11-26T13:07:54.3845748Z REFTEST TEST-LOAD | file:///home/runner/work/project-foxhound/project-foxhound/obj-tf-release/dist/test-stage/jsreftest/tests/js/src/tests/jsreftest.html?test=non262/taint/escape.js | 1892 / 52410 (3%)
2025-11-26T13:07:54.4044337Z !!! Tainted flow into document.write from location.search !!!
2025-11-26T13:07:54.4048173Z JavaScript warning: file:///home/runner/work/project-foxhound/project-foxhound/obj-tf-release/dist/test-stage/jsreftest/tests/js/src/tests/browser.js, line 526: Tainted flow from location.search into document.write!
2025-11-26T13:07:54.4050587Z !!! Tainted flow into document.write from location.search !!!
2025-11-26T13:07:54.4057351Z JavaScript warning: file:///home/runner/work/project-foxhound/project-foxhound/obj-tf-release/dist/test-stage/jsreftest/tests/js/src/tests/browser.js, line 526: Tainted flow from location.search into document.write!
2025-11-26T13:07:54.4060089Z !!! Tainted flow into document.write from location.search !!!
2025-11-26T13:07:54.4064585Z JavaScript warning: file:///home/runner/work/project-foxhound/project-foxhound/obj-tf-release/dist/test-stage/jsreftest/tests/js/src/tests/browser.js, line 526: Tainted flow from location.search into document.write!
2025-11-26T13:07:54.4066039Z !!! Tainted flow into document.write from location.search !!!
2025-11-26T13:07:54.4067768Z JavaScript warning: file:///home/runner/work/project-foxhound/project-foxhound/obj-tf-release/dist/test-stage/jsreftest/tests/js/src/tests/browser.js, line 526: Tainted flow from location.search into document.write!
2025-11-26T13:07:54.4069410Z !!! Tainted flow into document.write from location.search !!!
2025-11-26T13:07:54.4074823Z JavaScript warning: file:///home/runner/work/project-foxhound/project-foxhound/obj-tf-release/dist/test-stage/jsreftest/tests/js/src/tests/browser.js, line 526: Tainted flow from location.search into document.write!
2025-11-26T13:07:56.3671048Z A content process crashed and MOZ_CRASHREPORTER_SHUTDOWN is set, shutting down
2025-11-26T13:07:56.4034902Z 1764162476402 Marionette TRACE Received observer notification quit-application
2025-11-26T13:07:56.4036109Z 1764162476403 Marionette INFO Stopped listening on port 2828
2025-11-26T13:07:56.4057951Z 1764162476405 Marionette DEBUG Marionette stopped listening
2025-11-26T13:07:56.4162102Z [Parent 132484, IPC I/O Parent] WARNING: process 132726 exited on signal 11: file /home/runner/work/project-foxhound/project-foxhound/ipc/chromium/src/chrome/common/process_watcher_posix_sigchld.cc:132
2025-11-26T13:07:56.4201543Z !!! error running onStopped callback: TypeError: callback is not a function
2025-11-26T13:07:56.5635153Z REFTEST TEST-UNEXPECTED-FAIL | obj-tf-release/dist/test-stage/jsreftest/tests/js/src/tests/non262/taint/escape.js | application terminated with exit code 245`

@leeN
Copy link
Collaborator

leeN commented Nov 26, 2025

However, that seems unrelated to this change, so merging.

@leeN leeN merged commit 4be8d31 into SAP:main Nov 26, 2025
7 of 11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@leeN leeN leeN approved these changes

Assignees

@tmbrbr tmbrbr

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tmbrbr @leeN