Module ReflectedXss
Import path
import semmle.javascript.security.dataflow.ReflectedXssCustomizations
Predicates
getANonHtmlHeaderDefinition |
DEPRECATED: Gets a HeaderDefinition that defines a non-html content-type for |
getAXssSafeHeaderDefinition |
Gets a HeaderDefinition that defines a XSS safe content-type for |
headerAffects |
Holds if a header set in |
isLocalHeaderDefinition |
Holds if the HeaderDefinition |
nonHtmlContentTypeHeader |
DEPRECATED: Holds if |
xssSafeContentTypeHeader |
Holds if |
xssUnsafeContentType |
Gets a content-type that may lead to javascript code being executed in the browser. ref: https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#content-types |
Classes
HttpResponseSink |
An expression that is sent as part of an HTTP response, considered as an XSS sink. |
Sanitizer |
A sanitizer for reflected XSS vulnerabilities. |
Sink |
A data flow sink for reflected XSS vulnerabilities. |
Source |
A data flow source for reflected XSS vulnerabilities. |
ThirdPartyRequestInputAccessAsSource |
A third-party controllable request input, considered as a flow source for reflected XSS. |