Class JwtParserWithInsecureParseSink

The qualifier of an insecure parsing method. That is, either the qualifier of a call to the parse(token), parseClaimsJwt(token) or parsePlaintextJwt(token) methods or the qualifier of a call to a parse(token, handler) method where the handler is considered insecure.

Import path

import semmle.code.java.security.JWT

Direct supertypes

ApiSinkNode

Indirect supertypes

Fields

insecureParseMa

Predicates

getParseMethodCall

Gets the method access that does the insecure parsing.

Inherited predicates

asExpr	Gets the expression corresponding to this node, if any.	from Node
asParameter	Gets the parameter corresponding to this node, if any.	from Node
getEnclosingCallable	Gets the callable in which this node occurs.	from Node
getLocation	Gets the source location for this element.	from Node
getType	Gets the type of this node.	from Node
getTypeBound	Gets an upper bound on the type of this node.	from Node
hasLocationInfo	Holds if this element is at the specified location. The location spans column `startcolumn` of line `startline` to column `endcolumn` of line `endline` in file `filepath`. For more information, see Locations.	from Node
toString	Gets a textual representation of this element.	from Node

Charpred

JwtParserWithInsecureParseSink