CodeQL library for C#
codeql/csharp-all 3.0.1 (changelog, source)
Search

Module UrlRedirectQuery

Provides a taint-tracking configuration for reasoning about unvalidated URL redirect problems.

Import path

import semmle.code.csharp.security.dataflow.UrlRedirectQuery

Imports

csharp

The default C# QL library.

Classes

AspNetCoreLocationHeaderSink

Anything that is setting “location” header in the response headers.

AspNetCoreRedirectSink

A URL argument to a call to HttpResponse.Redirect() or Controller.Redirect(), that is a sink for URL redirects.

ConcatenationSanitizer

A string concatenation expression, where the left hand side contains the character “?”.

ContainsUrlSanitizer

An URL argument to a call to .Contains() that is a sanitizer for URL redirects.

HostComparisonSanitizer

A comparison on the Host property of a url, that is a sanitizer for URL redirects.

HttpServerTransferSink

A path argument to a call to HttpServerUtility.Transfer.

LocalUrlSanitizer

A URL argument to a call to UrlHelper.IsLocalUrl() or HttpRequestBase.IsUrlLocalToHost() that is a sanitizer for URL redirects.

LocationHeaderSink

A value argument to a call to AddHeader or AppendHeader that adds the Location.

RawUrlSanitizer

A call to the getter of the RawUrl property, whose value is considered to be safe for URL redirects.

RedirectSink

A URL argument to a call to HttpResponse.Redirect() or Controller.Redirect(), that is a sink for URL redirects.

RelativeUrlSanitizer

A check that the URL is relative, and therefore safe for URL redirects.

RemoteSource

DEPRECATED: Use ThreatModelSource instead.

Sanitizer

A sanitizer for unvalidated URL redirect vulnerabilities.

Sink

A data flow sink for unvalidated URL redirect vulnerabilities.

Source

A data flow source for unvalidated URL redirect vulnerabilities.

ThreatModelSource

A source supported by the current threat model.

UrlEncodeSanitizer

A call to an URL encoder.

Aliases

UrlRedirect

A taint-tracking module for reasoning about unvalidated URL redirect vulnerabilities.