CodeQL library for Java/Kotlin
codeql/java-all 0.9.1 (changelog, source)
Index
Search

Module ResponseSplitting

Provides classes to reason about header splitting attacks.

Import path

import semmle.code.java.security.ResponseSplitting

Imports

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

FlowSources

Provides classes representing various flow sources for taint tracking.

JaxWS

Definitions relating to JAX-WS (Java/Jakarta API for XML Web Services) and JAX-RS (Java/Jakarta API for RESTful Web Services).

Servlets

Provides classes and predicates for working with the Java Servlet API.

java

Provides all default Java QL imports.

Classes

HeaderSplittingSink

A sink that is vulnerable to an HTTP header splitting attack.

SafeHeaderSplittingSource

A source that introduces data considered safe to use by a header splitting source.