CodeQL library for Go
codeql/go-all 5.0.3 (changelog, source)
Index
Search

Module OpenUrlRedirect

Provides extension points for customizing the taint-tracking configuration for reasoning about unvalidated URL redirection problems on the server side.

Import path

import semmle.go.security.OpenUrlRedirectCustomizations

Classes

AdditionalStep

An additional taint propagation step specific to this query.

Barrier

A barrier for unvalidated URL redirect vulnerabilities.

LocationHeaderSink

A definition of the HTTP “Location” header, considered as a sink for Configuration.

PathAssignmentBarrier

An assignment of a safe value to the field Path, considered as a barrier for sanitizing untrusted URLs.

RedirectCheckBarrierGuardAsBarrierGuard

A call to a function called isLocalUrl, isValidRedirect, or similar, which is considered a barrier guard for sanitizing untrusted URLs.

RedirectSink

An HTTP redirect, considered as a sink for Configuration.

RegexpCheckAsBarrierGuard

A call to a regexp match function, considered as a barrier guard for sanitizing untrusted URLs.

Sink

A data flow sink for unvalidated URL redirect vulnerabilities.

Source

A data flow source for unvalidated URL redirect vulnerabilities.

UntrustedFlowAsSource

DEPRECATED: Use ActiveThreatModelSource or Source instead.

UrlCheckAsBarrierGuard

A check against a constant value or the Hostname function, considered a barrier guard for url flow.