Definitions for the Android Missing Certificate Pinning query.
Import path
import semmle.code.java.security.AndroidCertificatePinningQuery
Imports
AndroidManifest |
Provides classes and predicates for working with Android manifest files. |
Encryption |
Provides predicates and classes relating to encryption in Java. |
HttpsUrls |
Provides classes and predicates to reason about plaintext HTTP vulnerabilities. |
Networking |
Definitions related to |
TaintTracking |
Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses. |
java |
Provides all default Java QL imports. |
Predicates
isAndroid |
Holds if this database is of an Android application. |
missingPinning |
Holds if |
trustedDomain |
Holds if the given domain name is trusted by some certificate pinning implementation. |
Classes
AndroidNetworkSecurityConfigFile |
An Android Network Security Configuration XML file. |