Module TaintedObject
Provides methods for reasoning about the flow of deeply tainted objects, such as JSON objects parsed from user-controlled data.
Deeply tainted objects are arrays or objects with user-controlled property names, containing tainted values or deeply tainted objects in their properties.
To track deeply tainted objects, a flow-tracking configuration should generally include the following:
- One or more sinks associated with the label TaintedObject::label().
- The sources from TaintedObject::isSource.
- The flow steps from TaintedObject::step.
- The sanitizing guards TaintedObject::SanitizerGuard.
Import path
import semmle.javascript.security.TaintedObject
Imports
javascript | Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML. |
Modules
TaintedObject | Provides classes and predicates for reasoning about deeply tainted objects. |