CodeQL library for Python
codeql/python-all 2.2.0 (changelog, source)
Search

Module CookieInjection

Provides default sources, sinks and sanitizers for detecting “cookie injection” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.CookieInjectionCustomizations

Classes

CookieWriteSink

A write to a cookie, considered as a sink.

RemoteFlowSourceAsSource

DEPRECATED: Use ActiveThreatModelSource from Concepts instead!

Sanitizer

A sanitizer for “cookie injection” vulnerabilities.

Sink

A data flow sink for “cookie injection” vulnerabilities.

Source

A data flow source for “cookie injection” vulnerabilities.