CodeQL library for JavaScript
Search

Module HttpToFileAccess

Provides default sources, sinks and sanitizers for reasoning about writing user-controlled data to files, as well as extension points for adding your own.

Import path

import semmle.javascript.security.dataflow.HttpToFileAccessCustomizations

Imports

HttpToFileAccessSpecific

Provides imports and classes needed for HttpToFileAccessQuery and HttpToFileAccessCustomizations.

Classes

FileAccessAsSink

A sink that represents file access method (write, append) argument

Sanitizer

A sanitizer for writing user-controlled data to files.

Sink

A data flow sink for writing user-controlled data to files.

Source

A data flow source for writing user-controlled data to files.