Module ExternalAPIs
Definitions for reasoning about untrusted data used in APIs defined outside the database.
Import path
import semmle.code.java.security.ExternalAPIs
Imports
FlowSources | Provides classes representing various flow sources for taint tracking. |
TaintTracking | Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses. |
java | Provides all default Java QL imports. |
Classes
ExternalApiDataNode | A node representing data being passed to an external API. |
ExternalApiUsedWithUntrustedData | An external API which is used with untrusted data. |
SafeExternalApiMethod | A |
UntrustedDataToExternalApiConfig | DEPRECATED: Use |
UntrustedExternalApiDataNode | A node representing untrusted data being passed to an external API. |
Modules
UntrustedDataToExternalApiConfig | Taint tracking configuration for flow from |
Aliases
UntrustedDataToExternalApiFlow | Tracks flow from untrusted data to external APIs. |