For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

InsecureDownload

Module InsecureDownloadCustomizations

Classes and predicates for reasoning about download of sensitive file through insecure connection vulnerabilities.


                                import semmle.javascript.security.dataflow.InsecureDownloadCustomizations

clientRequestResponse	Gets a node for the response from `request`, type-tracked using `t`.
hasUnsafeExtension	Holds if `str` is a string that ends with an unsafe file extension.
unsafeExtension	Gets a file-extension that can potentially be dangerous.

ClientRequestUrl	A url downloaded by a client-request, seen as a sink for download of sensitive file through insecure connection.
FileWriteSink	A url that is downloaded through an insecure connection, where the result ends up being saved to a sensitive location.
Sanitizer	A sanitizer for download of sensitive file through insecure connection.
SensitiveFileUrl	A HTTP or FTP URL that refers to a file with a sensitive file extension, seen as a source for download of sensitive file through insecure connection.
Sink	A data flow sink for download of sensitive file through insecure connection.
Source	A data flow source for download of sensitive file through insecure connection.

Flow-labels for reasoning about download of sensitive file through insecure connection.

ClientRequestURL

DEPRECATED: Alias for ClientRequestUrl