CodeQL library for Java/Kotlin
codeql/java-all 4.2.2-dev (changelog, source)
Search

Module XSS

Provides classes to reason about Cross-site scripting (XSS) vulnerabilities.

Import path

import semmle.code.java.security.XSS

Imports

DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

JSFRenderer

Provides classes and predicates for working with JavaServer Faces renderer.

Servlets

Provides classes and predicates for working with the Java Servlet API.

SpringController
SpringHttp

Provides classes for working with Spring classes and interfaces from org.springframework.http.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

WebView
java

Provides all default Java QL imports.

Predicates

isXssSafeContentType

Holds if s is an HTTP Content-Type that is not vulnerable to XSS.

isXssVulnerableContentType

Holds if s is an HTTP Content-Type vulnerable to XSS.

Classes

XssAdditionalTaintStep

A unit class for adding additional taint steps.

XssSanitizer

A sanitizer that neutralizes dangerous characters that can be used to perform a XSS attack.

XssSink

A sink that represent a method that outputs data without applying contextual output encoding.

XssSinkBarrier

A sink that represent a method that outputs data without applying contextual output encoding, and which should truncate flow paths such that downstream sinks are not flagged as well.

XssVulnerableWriterSource

An output stream or writer that writes to a servlet, JSP or JSF response.

XssVulnerableWriterSourceNode

A xss vulnerable writer source node.