Class TaintTracking :: SharedTaintStep
A taint-propagating data flow edge that should be added to all taint tracking configurations in addition to standard data flow edges.
This class is a singleton, and thus subclasses do not need to specify a characteristic predicate.
Note: For performance reasons, all subclasses of this class should be part
of the standard library. Override Configuration::isAdditionalTaintStep
for analysis-specific taint steps.
This class has multiple kinds of step
predicates; these all have the same
effect on taint-tracking configurations. However, the categorization of steps
allows some data-flow configurations to opt in to specific kinds of taint steps.
Import path
import javascript
Direct supertypes
Indirect supertypes
Known direct subtypes
Predicates
arrayStep |
Holds if |
deserializeStep |
Holds if |
heapStep |
Holds if |
heuristicStep |
Holds if |
persistentStorageStep |
Holds if |
promiseStep |
Holds if |
serializeStep |
Holds if |
step |
Holds if |
stringConcatenationStep |
Holds if |
stringManipulationStep |
Holds if |
uriStep |
Holds if |
viewComponentStep |
Holds if |