CodeQL library for JavaScript
Search

Module InsecureDownloadQuery

Provides a taint tracking configuration for reasoning about download of sensitive file through insecure connection.

Note, for performance reasons: only import this file if InsecureDownload::Configuration is needed, otherwise InsecureDownloadCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.InsecureDownloadQuery

Imports

InsecureDownload

Classes and predicates for reasoning about download of sensitive file through insecure connection vulnerabilities.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

A taint tracking configuration for download of sensitive file through insecure connection.