Chan9390 / codeql-javascript-unsafe-jquery-plugin

Home Page:https://lab.github.com/githubtraining/codeql-for-javascript:-unsafe-jquery-plugin


Step 6 - Finding jQuery plugin options: property reads

github-learning-lab opened this issue

Step 6: Finding jQuery plugin options

jQuery plugins are usually defined by assigning a value to a property of the $.fn object:

$.fn.copyText = function() { ... } // this function is a jQuery plugin

In the following steps, we'll find such plugins, and their options. We'll find

  • where the property $.fn is read
  • the functions that are assigned to properties of $.fn
  • the option parameters of these functions

📖 Learn about data flow nodes

Take a few minutes to read about the data flow nodes for JavaScript and TypeScript.

  • The data flow nodes
  • The source nodes are places in the program that introduce a new value, from which the flow of data may be tracked. They are the source of this new value, either because they create a new object, such as object literals or functions, or because they represent a point where data enters the local data flow graph, such as parameters or property reads.
  • The DataFlow::FunctionNode is a data flow node that corresponds to a function (expression or declaration)

⌨️ Finding jQuery property reads

You have already seen how to find references to the jQuery $ function. Now find all places in the code that read the property $.fn. The results of your query will be of type DataFlow::Node.

Notice that jquery() returns a value of type DataFlow::SourceNode, from which the flow of data may be tracked. Use the auto-completion feature after jquery(). to browse the predicates of this DataFlow::SourceNode type, and their documentation. Look for a predicate that gets you all reads of a property named fn.

Write your query in the file property-read.ql and submit it.
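As an added worked example (not the lab's own solution file, and not code from the course repository), the following query does what this step asks: it starts from the jQuery reference returned by the library predicate jquery() and selects every read of its fn property. It assumes the standard CodeQL JavaScript library that import javascript brings in, where jquery() yields a DataFlow::SourceNode and getAPropertyRead(string) returns the reads of a named property on that node.

```ql
import javascript

/**
 * Added example for this step; not the lab's solution file.
 * Finds every place where the property `fn` is read from a node that
 * refers to jQuery, i.e. the `$.fn` in `$.fn.copyText = function() { ... }`.
 */
from DataFlow::SourceNode jq, DataFlow::Node fnRead
where
  // `jquery()` models references to the jQuery object (`$` or `jQuery`).
  jq = jquery() and
  // `getAPropertyRead("fn")` gives each read of the `fn` property on that node.
  fnRead = jq.getAPropertyRead("fn")
select fnRead, "Read of the jQuery `fn` property"
```

The result of getAPropertyRead is a DataFlow::PropRead, which is itself a DataFlow::SourceNode, so later steps can keep chaining from it (for example to the value written to a property of $.fn) without re-tracking the flow from $.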

Congratulations, looks like the query you introduced in bac8df4 finds the correct results!

Take a look at the instructions for the next step to continue.