CodeQL library for Java
codeql/java-all 0.4.4 (changelog, source)
Search

Module RequestForgeryConfig

Provides a taint-tracking configuration characterising request-forgery risks.

Only import this directly from .ql files, to avoid the possibility of polluting the Configuration hierarchy accidentally.

Import path

import semmle.code.java.security.RequestForgeryConfig

Imports

FlowSources

Provides classes representing various flow sources for taint tracking.

RequestForgery

Provides classes to reason about server-side request forgery (SSRF) attacks.

Classes

RequestForgeryConfiguration

A taint-tracking configuration characterising request-forgery risks.