Module ReflectedXss

Import path

    import semmle.javascript.security.dataflow.ReflectedXssCustomizations

Predicates

| Predicate | Description |
| --- | --- |
| getAXssSafeHeaderDefinition | Gets a HeaderDefinition that defines an XSS-safe content-type for |
| headerAffects | Holds if a header set in |
| isLocalHeaderDefinition | Holds if the HeaderDefinition |
| xssSafeContentTypeHeader | Holds if |
| xssUnsafeContentType | Gets a content-type that may lead to JavaScript code being executed in the browser. Reference: https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#content-types |

Classes

| Class | Description |
| --- | --- |
| HttpResponseSink | An expression that is sent as part of an HTTP response, considered as an XSS sink. |
| Sanitizer | A sanitizer for reflected XSS vulnerabilities. |
| Sink | A data flow sink for reflected XSS vulnerabilities. |
| Source | A data flow source for reflected XSS vulnerabilities. |
| ThirdPartyRequestInputAccessAsSource | A third-party controllable request input, considered as a flow source for reflected XSS. |