A sanitizer for “Server-side request forgery” vulnerabilities, that ensures the attacker does not have full control of the URL. (that is, might still be able to control path or query parameters).
Import path
import semmle.python.security.dataflow.ServerSideRequestForgeryCustomizationsDirect supertypes
Indirect supertypes
Known direct subtypes
Inherited predicates
| asCfgNode | Gets the control-flow node corresponding to this node, if any. | from Node |
| asExpr | Gets the expression corresponding to this node, if any. | from Node |
| getALocalSource | Gets a local source node from which data may flow to this node in zero or more local data-flow steps. | from Node |
| getEnclosingCallable | Gets the enclosing callable of this node. | from Node |
| getLocation | Gets the location of this node | from Node |
| getScope | Gets the scope of this node. | from Node |
| hasLocationInfo | Holds if this element is at the specified location. The location spans column | from Node |
| toString | Gets a textual representation of this element. | from Node |