Module InsecureDownload
Classes and predicates for reasoning about "download of sensitive file through insecure connection" vulnerabilities.
Import path
import semmle.javascript.security.dataflow.InsecureDownloadCustomizations
Predicates
clientRequestResponse | Gets a node for the response from |
hasUnsafeExtension | Holds if |
unsafeExtension | Gets a file extension that can potentially be dangerous. |
Classes
ClientRequestUrl | A URL downloaded by a client request, seen as a sink for download of sensitive file through insecure connection. |
FileWriteSink | A URL that is downloaded through an insecure connection, where the result ends up being saved to a sensitive location. |
Sanitizer | A sanitizer for download of sensitive file through insecure connection. |
SensitiveFileUrl | An HTTP or FTP URL that refers to a file with a sensitive file extension, seen as a source for download of sensitive file through insecure connection. |
Sink | A data flow sink for download of sensitive file through insecure connection. |
Source | A data flow source for download of sensitive file through insecure connection. |
Modules
Label | Flow-labels for reasoning about download of sensitive file through insecure connection. |