Module UrlConcatenation
Provides a class for detecting string concatenations involving
the characters ?
and #
, which are considered sanitizers for
the URL redirection queries.
Import path
import semmle.javascript.security.dataflow.UrlConcatenation
Imports
javascript | Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML. |
Predicates
hostnameSanitizingPrefixEdge | Holds if data that flows from |
sanitizingPrefixEdge | Holds if data that flows from |
Classes
HostnameSanitizerGuard | A check that sanitizes the hostname of a URL. |