CodeQL library for JavaScript
Search

Module ClientSideRequestForgeryQuery

Provides a taint-tracking configuration for reasoning about client-side request forgery.

Note, for performance reasons: only import this file if the Configuration class is needed, otherwise RequestForgeryCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.ClientSideRequestForgeryQuery

Imports

RequestForgery
UrlConcatenation

Provides a class for detecting string concatenations involving the characters ? and #, which are considered sanitizers for the URL redirection queries.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

A taint tracking configuration for client-side request forgery.