CodeQL library for Python
codeql/python-all 2.0.1-dev (changelog, source)
Search

Module ServerSideRequestForgery

Provides default sources, sinks and sanitizers for detecting “Server-side request forgery” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.ServerSideRequestForgeryCustomizations

Classes

ConstCompareAsSanitizerGuard

A comparison with a constant, considered as a sanitizer-guard.

FullUrlControlSanitizer

A sanitizer for “Server-side request forgery” vulnerabilities, that ensures the attacker does not have full control of the URL. (that is, might still be able to control path or query parameters).

HttpRequestUrlAsSink

The URL of an HTTP request, considered as a sink.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source.

Sanitizer

A sanitizer for “Server-side request forgery” vulnerabilities.

Sink

A data flow sink for “Server-side request forgery” vulnerabilities.

Source

A data flow source for “Server-side request forgery” vulnerabilities.

StringConstructionAsFullUrlControlSanitizer

A string construction (concat, format, f-string) where the left side is not user-controlled.

Aliases

StringConstCompareAsSanitizerGuard

DEPRECATED: Use ConstCompareAsSanitizerGuard instead.