Module UnsafeDynamicMethodAccess
Import path
import semmle.javascript.security.dataflow.UnsafeDynamicMethodAccessCustomizations
Predicates
unsafeFunction | Gets the flow label describing values that may refer to an unsafe function as a result of an attacker-controlled property name. |
Classes
CalleeAsSink | A function invocation of an unsafe function, as a sink for remote unsafe dynamic method access. |
RemoteFlowSourceAsSource | A source of remote user input, considered as a source for unsafe dynamic method access. |
Sanitizer | A sanitizer for unsafe dynamic method access. |
Sink | A data flow sink for unsafe dynamic method access. |
Source | A data flow source for unsafe dynamic method access. |
UnsafeFunction | A flow label describing values that may refer to an unsafe function as a result of an attacker-controlled property name. |