public override void VisitArrowExpressionClause(CSharpSyntax.ArrowExpressionClauseSyntax node,
ExecutionState state,
VariableState statementState,
Configuration projectConfiguration)
{
if (!XssPreventionAnalyzer.ExecutionStates.ContainsKey(state))
{
return;
}
if ((statementState.Taint & VariableTaint.Tainted) != 0 &&
(((ulong)statementState.Taint) & projectConfiguration.TaintTypeNameToBit["HtmlEscaped"]) == 0)
{
XssPreventionAnalyzer.Check(node, state, projectConfiguration, Enumerable.Repeat(node, 1), false);
}
}
public override void VisitStatement(CSharpSyntax.StatementSyntax node,
ExecutionState state,
VariableState statementState,
Configuration projectConfiguration)
{
if (!XssPreventionAnalyzer.ExecutionStates.ContainsKey(state))
{
return;
}
var returnStatements = node.DescendantNodesAndSelf().OfType <CSharpSyntax.ReturnStatementSyntax>();
if (!returnStatements.Any())
{
return;
}
if ((statementState.Taint & VariableTaint.Tainted) != 0 &&
(((ulong)statementState.Taint) & projectConfiguration.TaintTypeNameToBit["HtmlEscaped"]) == 0)
{
XssPreventionAnalyzer.Check(node, state, projectConfiguration, returnStatements);
}
}