Module InsecureDownload
Classes and predicates for reasoning about download of sensitive file through insecure connection vulnerabilities.
Import path
import semmle.javascript.security.dataflow.InsecureDownloadCustomizations
Predicates
clientRequestResponse | Gets a node for the response from
hasUnsafeExtension | Holds if
unsafeExtension | Gets a file-extension that can potentially be dangerous.
Classes
ClientRequestUrl | A URL downloaded by a client-request, seen as a sink for download of sensitive file through insecure connection.
FileWriteSink | A URL that is downloaded through an insecure connection, where the result ends up being saved to a sensitive location.
Sanitizer | A sanitizer for download of sensitive file through insecure connection.
SensitiveFileUrl | An HTTP or FTP URL that refers to a file with a sensitive file extension, seen as a source for download of sensitive file through insecure connection.
Sink | A data flow sink for download of sensitive file through insecure connection.
Source | A data flow source for download of sensitive file through insecure connection.
Modules
Label | Flow-labels for reasoning about download of sensitive file through insecure connection.
Aliases
ClientRequestURL | DEPRECATED: Alias for ClientRequestUrl