CodeQL library for Python
codeql/python-all 0.11.9 (changelog, source)
Search

Module UrlRedirect

Provides default sources, sinks and sanitizers for detecting “URL redirection” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.UrlRedirectCustomizations

Classes

AdditionalFlowStep

An additional flow step for “URL redirection” vulnerabilities.

FlowState

A state value to track whether the untrusted data may contain backslashes.

MayContainBackslashes

A state value signifying that the untrusted data may contain backslashes.

NoBackslashes

A state value signifying that any backslashes in the untrusted data have been eliminated, but no other sanitization has happened.

RedirectLocationAsSink

A HTTP redirect response, considered as a flow sink.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source.

ReplaceBackslashesSanitizer

A call that replaces backslashes with forward slashes or eliminates them altogether, considered as a partial sanitizer, as well as an additional flow step.

Sanitizer

A sanitizer for “URL redirection” vulnerabilities.

Sink

A data flow sink for “URL redirection” vulnerabilities.

Source

A data flow source for “URL redirection” vulnerabilities.

StringConcatAsSanitizer

The right side of a string-concat, considered as a sanitizer.

StringConstCompareAsSanitizerGuard

A comparison with a constant string, considered as a sanitizer-guard.