Module InsecureBasicAuth
Provides classes and predicates to reason about Insecure Basic Authentication vulnerabilities.
Import path
import semmle.code.java.security.InsecureBasicAuth
Imports
DataFlow | Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses. |
HttpsUrls | Provides classes and predicates to reason about plaintext HTTP vulnerabilities. |
TaintTracking | Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses. |
java | Provides all default Java QL imports. |
Classes
InsecureBasicAuthSink | A sink that represents a method that sets Basic Authentication. Extend this class to add your own Insecure Basic Authentication sinks. |
InsecureBasicAuthSource | A source that represents HTTP URLs. Extend this class to add your own Insecure Basic Authentication sources. |