CodeQL library for Go
codeql/go-all 2.1.3

Module OpenUrlRedirect

Provides extension points for customizing the taint-tracking configuration for reasoning about unvalidated URL redirection problems on the server side.

Import path

import semmle.go.security.OpenUrlRedirectCustomizations

Classes

AdditionalStep

An additional taint propagation step specific to this query.

Barrier

A barrier for unvalidated URL redirect vulnerabilities.

LocationHeaderSink

A definition of the HTTP “Location” header, considered as a sink for Configuration.

PathAssignmentBarrier

An access to a variable that is preceded by an assignment to its Path field.

RedirectCheckBarrierGuardAsBarrierGuard

A call to a function called isLocalUrl, isValidRedirect, or similar, which is considered a barrier guard for sanitizing untrusted URLs.

RedirectSink

An HTTP redirect, considered as a sink for Configuration.

RegexpCheckAsBarrierGuard

A call to a regexp match function, considered as a barrier guard for sanitizing untrusted URLs.

Sink

A data flow sink for unvalidated URL redirect vulnerabilities.

Source

A data flow source for unvalidated URL redirect vulnerabilities.

UntrustedFlowAsSource

DEPRECATED: Use ActiveThreatModelSource or Source instead.

UrlCheckAsBarrierGuard

A check against a constant value or the Hostname function, considered a barrier guard for URL flow.