CodeQL library for Java/Kotlin
codeql/java-all 4.2.1 (changelog, source)
Search

Module InsecureBasicAuth

Provides classes and predicates to reason about Insecure Basic Authentication vulnerabilities.

Import path

import semmle.code.java.security.InsecureBasicAuth

Imports

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

HttpsUrls

Provides classes and predicates to reason about plaintext HTTP vulnerabilities.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

java

Provides all default Java QL imports.

Classes

InsecureBasicAuthSink

A sink that represents a method that sets Basic Authentication. Extend this class to add your own Insecure Basic Authentication sinks.

InsecureBasicAuthSource

A source that represents HTTP URLs. Extend this class to add your own Insecure Basic Authentication sources.