Module UrlRedirectQuery
Provides a taint-tracking configuration for reasoning about unvalidated URL redirect problems.
Import path
import semmle.code.csharp.security.dataflow.UrlRedirectQuery
Imports
csharp | The default C# QL library. |
Classes
AspNetCoreLocationHeaderSink | Anything that is setting “location” header in the response headers. |
AspNetCoreRedirectSink | A URL argument to a call to |
ConcatenationSanitizer | A string concatenation expression, where the left hand side contains the character “?”. |
ContainsUrlSanitizer | An URL argument to a call to |
HostComparisonSanitizer | A comparison on the |
HttpServerTransferSink | A path argument to a call to |
LocalUrlSanitizer | A URL argument to a call to |
LocationHeaderSink | A value argument to a call to |
RawUrlSanitizer | A call to the getter of the RawUrl property, whose value is considered to be safe for URL redirects. |
RedirectSink | A URL argument to a call to |
RelativeUrlSanitizer | A check that the URL is relative, and therefore safe for URL redirects. |
RemoteSource | DEPRECATED: Use |
Sanitizer | A sanitizer for unvalidated URL redirect vulnerabilities. |
Sink | A data flow sink for unvalidated URL redirect vulnerabilities. |
Source | A data flow source for unvalidated URL redirect vulnerabilities. |
ThreatModelSource | A source supported by the current threat model. |
UrlEncodeSanitizer | A call to an URL encoder. |
Aliases
UrlRedirect | A taint-tracking module for reasoning about unvalidated URL redirect vulnerabilities. |