CodeQL library for Go
codeql/go-all 3.0.1-dev (changelog, source)
Search

Module MissingJwtSignatureCheck

Provides extension points for customizing the data-flow tracking configuration for reasoning about JWT vulnerabilities.

Import path

import semmle.go.security.MissingJwtSignatureCheckCustomizations

Classes

AdditionalFlowStep

An additional flow step for JWT vulnerabilities.

JwtSafeParse

A function that parses and correctly validates a JWT token.

Sanitizer

A sanitizer for JWT vulnerabilities.

Sink

A data flow sink for JWT vulnerabilities.

Source

A data flow source for JWT vulnerabilities.