A rate limiter constructed using the express-limiter
package.
Note that the express-limiter
package is unusual in that it may optionally install itself as a middleware.
That aspect is handled by the Express core model.
Import path
import semmle.javascript.security.dataflow.MissingRateLimiting
Direct supertypes
Indirect supertypes
Predicates
getRoutingNode | Gets a routing node corresponding to this middleware function. |
Inherited predicates
accessesGlobal | Holds if this data flow node accesses the global variable | from Node |
analyze | Gets type inference results for this data flow node. | from Node |
asExpr | Gets the expression corresponding to this data flow node, if any. | from Node |
backtrack | Gets a node that may flow into this one using one heap and/or interprocedural step. | from SourceNode |
flowsTo | Holds if this node flows into | from SourceNode |
flowsToExpr | Holds if this node flows into | from SourceNode |
getABoundFunctionValue | Gets a function value that may reach this node, possibly derived from a partial function invocation. | from Node |
getACall | Gets a function call to this node. | from SourceNode |
getAChainedMethodCall | Gets a chained method call that invokes | from SourceNode |
getAConstructorInvocation | Gets a | from SourceNode |
getAFunctionValue | Gets a function value that may reach this node. | from Node |
getAFunctionValue | Gets a function value that may reach this node with the given | from Node |
getALocalSource | Gets a source node from which data may flow to this node in zero or more local steps. | from Node |
getALocalUse | Gets a node into which data may flow from this node in zero or more local steps. | from SourceNode |
getAMemberCall | Gets a function call that invokes method | from SourceNode |
getAMemberInvocation | Gets an invocation of the method or constructor named | from SourceNode |
getAMethodCall | Gets a method call that invokes a method on this node. | from SourceNode |
getAMethodCall | Gets a method call that invokes method | from SourceNode |
getAPredecessor | Gets a data flow node from which data may flow to this node in one local step. | from Node |
getAPropertyRead | Gets a read of any property on this node. | from SourceNode |
getAPropertyRead | Gets a read of property | from SourceNode |
getAPropertyReference | Gets a reference (read or write) of any property on this node. | from SourceNode |
getAPropertyReference | Gets a reference (read or write) of property | from SourceNode |
getAPropertySource | Gets a source node whose value is stored in a property of this node. | from SourceNode |
getAPropertySource | Gets a source node whose value is stored in property | from SourceNode |
getAPropertyWrite | Gets a write of any property on this node. | from SourceNode |
getAPropertyWrite | Gets a write of property | from SourceNode |
getASuccessor | Gets a data flow node to which data may flow from this node in one local step. | from Node |
getAnInstantiation | Gets a | from SourceNode |
getAnInvocation | Gets an invocation (with our without | from SourceNode |
getAstNode | Gets the AST node corresponding to this data flow node, if any. | from Node |
getBasicBlock | Gets the basic block to which this node belongs. | from Node |
getContainer | Gets the container in which this node occurs. | from Node |
getEnclosingExpr | Gets the expression enclosing this data flow node. In most cases the result is the same as | from Node |
getEndColumn | Gets the end column of this data flow node. | from Node |
getEndLine | Gets the end line of this data flow node. | from Node |
getFile | Gets the file this data flow node comes from. | from Node |
getImmediatePredecessor | Gets the immediate predecessor of this node, if any. | from Node |
getIntValue | Gets the integer value of this node, if it is an integer constant. | from Node |
getLocation | Gets the location of this node. | from Node |
getStartColumn | Gets the start column of this data flow node. | from Node |
getStartLine | Gets the start line of this data flow node. | from Node |
getStringValue | Gets the string value of this node, if it is a string literal or constant string concatenation. | from Node |
getTopLevel | Gets the toplevel in which this node occurs. | from Node |
hasLocationInfo | Holds if this element is at the specified location. The location spans column | from Node |
hasPropertyWrite | Holds if there is an assignment to property | from SourceNode |
hasUnderlyingType | Holds if this node is annotated with the given named type, or is declared as a subtype thereof, or is a union or intersection containing such a type. | from Node |
hasUnderlyingType | Holds if this node is annotated with the given named type, or is declared as a subtype thereof, or is a union or intersection containing such a type. | from Node |
isIncomplete | Holds if the flow information for this node is incomplete. | from Node |
mayHaveBooleanValue | Holds if this node may evaluate to the Boolean value | from Node |
mayHaveStringValue | Holds if this node may evaluate to the string | from Node |
ref | Gets a data flow node referring to this middleware. | from RateLimitingMiddleware |
toString | Gets a textual representation of this element. | from Node |
track | Gets a node that this node may flow to using one heap and/or interprocedural step. | from SourceNode |