CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.14

Class TaintTracking::SharedTaintStep

A taint-propagating data flow edge that should be added to all taint tracking configurations in addition to standard data flow edges.

This class is a singleton, and thus subclasses do not need to specify a characteristic predicate.

Note: For performance reasons, all subclasses of this class should be part of the standard library. Override Configuration::isAdditionalTaintStep for analysis-specific taint steps.

This class has multiple kinds of step predicates; these all have the same effect on taint-tracking configurations. However, the categorization of steps allows some data-flow configurations to opt in to specific kinds of taint steps.
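The two places a custom taint edge can live, as an added example that is not part of the CodeQL library or its documentation. The function names `decodeBlob` and `unwrapEnvelope` are hypothetical, and the `eval` sink is chosen only for illustration.

```ql
import javascript

// Library form, shown for contrast. SharedTaintStep is a singleton, so the
// subclass has no characteristic predicate and only overrides a step predicate.
// Once this class is in scope, every taint-tracking configuration gets the
// edge, which is why the note above reserves this form for the standard library.
// `decodeBlob` is a hypothetical function name.
class DecodeBlobStep extends TaintTracking::SharedTaintStep {
  override predicate deserializeStep(DataFlow::Node pred, DataFlow::Node succ) {
    exists(DataFlow::CallNode call |
      call.getCalleeName() = "decodeBlob" and
      pred = call.getArgument(0) and
      succ = call
    )
  }
}

// Analysis-specific form: the edge exists only inside this configuration.
// `unwrapEnvelope` is a hypothetical application helper.
class EnvelopeConfig extends TaintTracking::Configuration {
  EnvelopeConfig() { this = "EnvelopeConfig" }

  override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }

  override predicate isSink(DataFlow::Node sink) {
    sink = DataFlow::globalVarRef("eval").getACall().getArgument(0)
  }

  override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
    exists(DataFlow::CallNode call |
      call.getCalleeName() = "unwrapEnvelope" and
      pred = call.getArgument(0) and
      succ = call
    )
  }
}

from EnvelopeConfig cfg, DataFlow::Node source, DataFlow::Node sink
where cfg.hasFlow(source, sink)
select sink, "Value from $@ reaches eval.", source, "remote input"
```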

Import path

import javascript

Predicates

arrayStep

Holds if pred → succ should be considered a taint-propagating data flow edge through arrays.

deserializeStep

Holds if pred → succ should be considered a taint-propagating data flow edge through data deserialization, such as JSON.parse.

heapStep

Holds if pred → succ should be considered a taint-propagating data flow edge through the heap.

heuristicStep

Holds if pred → succ should be considered a taint-propagating data flow edge contributed by the heuristics library.

persistentStorageStep

Holds if pred → succ should be considered a taint-propagating data flow edge through persistent storage.

promiseStep

Holds if pred → succ should be considered a taint-propagating data flow edge through a promise.

serializeStep

Holds if pred → succ should be considered a taint-propagating data flow edge through data serialization, such as JSON.stringify.

step

Holds if pred → succ should be considered a taint-propagating data flow edge.

stringConcatenationStep

Holds if pred → succ should be considered a taint-propagating data flow edge through string concatenation.

stringManipulationStep

Holds if pred → succ should be considered a taint-propagating data flow edge through string manipulation (other than concatenation).

uriStep

Holds if pred → succ should be considered a taint-propagating data flow edge through URI manipulation.

viewComponentStep

Holds if pred → succ should be considered a taint-propagating data flow edge through the state or props of a React component.

Inherited predicates

toString

Gets a textual representation of this element.

from Unit