CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.1.2-dev (changelog, source)
Search

Module InsecureDownload::Label

Flow-labels for reasoning about download of sensitive file through insecure connection.

Import path

import semmle.javascript.security.dataflow.InsecureDownloadCustomizations

Classes

InsecureUrl

A flow-label for a URL that is downloaded over an insecure connection.

SensitiveInsecureUrl

A flow-label for file URLs that are both sensitive and downloaded over an insecure connection.