stonejiajia / codeql-javascript-unsafe-jquery-plugin

https://lab.github.com/githubtraining/codeql-for-javascript:-unsafe-jquery-plugin

Step 5 - Using the jquery predicate #6

Closed github-learning-lab[bot] closed 4 years ago

github-learning-lab[bot] commented 4 years ago

Step 5: Using the jQuery library

So far we have looked for the function name $. Are there other ways of calling the jQuery $ function? Perhaps the CodeQL library can handle these for us?

The CodeQL standard library for JavaScript has a built-in predicate jquery() to describe references to $. Calling the predicate jquery() returns all values that refer to the $ function, and chaining this call with getACall() will give you all calls to this function.

github-learning-lab[bot] commented 4 years ago

:keyboard: Rewrite your query

Use this library to rewrite your previous query, which gets you all the first arguments to calls to $. Use a new file dollar-arg-node.ql.

Notice that when you call jquery(), getACall(), and getArgument() in succession, you get return values of type DataFlow::Node, and not Expr as in your previous query, so you have to change your return variable to have this type.

:book: The DataFlow::Node type

These data flow nodes describe a part of the source program that may have a value, and let us do more complex reasoning about this value. We'll learn more about these in the next section.

Your new query should give you the same results as the previous one. Submit your solution in the new file dollar-arg-node.ql when you're happy with it.
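As an added example (not the lab's reference solution), here is one way to write dollar-arg-node.ql using jquery(), getACall() and getArgument() so that the result is a DataFlow::Node; the query metadata and the alert message are assumptions, and asExpr() is used only to show how the node maps back to the Expr the previous query selected.

```ql
/**
 * @name First argument to a call to jQuery's $
 * @description Finds every DataFlow::Node passed as the first argument
 *              to a call to $. (Query metadata is an assumption, not
 *              something the lab prescribes.)
 * @kind problem
 * @id js/example/dollar-arg-node
 */

import javascript

// jquery() yields every value that refers to the jQuery function, not just
// identifiers literally named `$`, so this is a superset of the earlier
// name-based query. getACall() gives the call sites, and getArgument(0)
// the first argument as a DataFlow::Node rather than an Expr.
from DataFlow::Node arg
where arg = jquery().getACall().getArgument(0)
// asExpr() recovers the underlying Expr where one exists, which is how
// these results line up with the previous query's Expr results. From a
// defender's point of view, this argument is the interesting position:
// a string that reaches it is interpreted by jQuery as a selector or as
// HTML, so later steps will track untrusted input to exactly this node.
select arg, "First argument to $: " + arg.asExpr().toString()
```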

github-learning-lab[bot] commented 4 years ago

Congratulations, it looks like the query you introduced in 19de712c9afa0292ba95f20b279115af66e8da1f finds the correct results!

Take a look at the instructions for the next step to continue.