Class TaintTracking::SharedTaintStep
A taint-propagating data flow edge that should be added to all taint tracking configurations in addition to standard data flow edges.
This class is a singleton, and thus subclasses do not need to specify a characteristic predicate.
Note: For performance reasons, all subclasses of this class should be part
of the standard library. Override Configuration::isAdditionalTaintStep
for analysis-specific taint steps.
This class has multiple kinds of step
predicates; these all have the same
effect on taint-tracking configurations. However, the categorization of steps
allows some data-flow configurations to opt in to specific kinds of taint steps.
Import path
import javascript
Direct supertypes
Indirect supertypes
Known direct subtypes
Predicates
arrayStep | Holds if |
deserializeStep | Holds if |
heapStep | Holds if |
heuristicStep | Holds if |
persistentStorageStep | Holds if |
promiseStep | Holds if |
serializeStep | Holds if |
step | Holds if |
stringConcatenationStep | Holds if |
stringManipulationStep | Holds if |
uriStep | Holds if |
viewComponentStep | Holds if |