CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.2.2-dev (changelog, source)
Index
Search

Module InsecureDownloadConfig

A taint tracking configuration for download of sensitive file through insecure connection.

Import path

import semmle.javascript.security.dataflow.InsecureDownloadQuery

Predicates

isBarrier

Holds if data flow through node is prohibited. This completely removes node from the data flow graph.

isSink

Holds if sink is a relevant data flow sink accepting state.

isSource

Holds if source is a relevant data flow source with the given initial state.

observeDiffInformedIncrementalMode

Holds if sources and sinks should be filtered to only include those that may lead to a flow path with either a source or a sink in the location range given by AlertFiltering. This only has an effect when running in diff-informed incremental mode.

Aliases

FlowState

A flow state to associate with a tracked value.