Query module InappropriateEncoding

name
Inappropriate encoding
description
Using an inappropriate encoding may give unintended results and may pose a security risk.
kind
path-problem
problem.severity
error
precision
low
id
cs/inappropriate-encoding
tags
security external/cwe/cwe-838

Imports

DataFlow
Net

Provides definitions related to the namespace System.Net.

PathGraph

Provides the query predicates needed to include a graph in a path-problem query.

Sanitizers

Provides classes for identifying expressions that might be sanitized.

SqlInjection

Provides a taint-tracking configuration for reasoning about SQL injection vulnerabilities.

System

Provides definitions related to the namespace System.

UI

Provides definitions related to the namespace System.Web.UI.

UrlRedirect

Provides a taint-tracking configuration for reasoning about unvalidated URL redirect problems.

Web

Provides definitions related to the namespace System.Web.

XSS

Provides a taint-tracking configuration for reasoning about cross-site scripting (XSS) vulnerabilities.

csharp

The default C# QL library.

Classes

EncodedValue

An encoded value, for example a call to HttpServerUtility.HtmlEncode.

RequiresEncodingConfiguration

A configuration for specifying expressions that must be encoded, along with a set of potential valid encoded values.

Modules