Module OpenUrlRedirect
Provides extension points for customizing the taint-tracking configuration for reasoning about unvalidated URL redirection problems on the server side.
Import path
import semmle.go.security.OpenUrlRedirectCustomizations
Classes
AdditionalStep | An additional taint propagation step specific to this query. |
Barrier | A barrier for unvalidated URL redirect vulnerabilities. |
LocationHeaderSink | A definition of the HTTP “Location” header, considered as a sink for |
PathAssignmentBarrier | An access to a variable that is preceded by an assignment to its |
RedirectCheckBarrierGuardAsBarrierGuard | A call to a function called |
RedirectSink | An HTTP redirect, considered as a sink for |
RegexpCheckAsBarrierGuard | A call to a regexp match function, considered as a barrier guard for sanitizing untrusted URLs. |
Sink | A data flow sink for unvalidated URL redirect vulnerabilities. |
Source | A data flow source for unvalidated URL redirect vulnerabilities. |
UntrustedFlowAsSource | DEPRECATED: Use |
UrlCheckAsBarrierGuard | A check against a constant value or the |