Module RegExpInjection
Import path
import semmle.javascript.security.dataflow.RegExpInjectionCustomizations
Classes
ArgvAsSource |
A read of |
MetacharEscapeSanitizer |
A global regexp replacement involving the |
RegExpSanitizationCall |
A call to a function whose name suggests that it escapes regular expression meta-characters. |
RegularExpressionSourceAsSink |
The source string of a regular expression. |
RemoteFlowSourceAsSource |
A source of remote user input, considered as a flow source for regular expression injection. |
Sanitizer |
A sanitizer for untrusted user input used to construct regular expressions. |
Sink |
A data flow sink for untrusted user input used to construct regular expressions. |
Source |
A data flow source for untrusted user input used to construct regular expressions. |