Module ClientSideUrlRedirect

Provides a taint-tracking configuration for reasoning about unvalidated URL redirection problems on the client side.

Import path

semmle.javascript.security.dataflow.ClientSideUrlRedirect

Imports

RemoteFlowSources

Provides a class for modelling sources of remote user input.

UrlConcatenation

Provides a class for detecting string concatenations involving the characters ? and #, which are considered sanitizers for the URL redirection queries.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Modules

Aliases

ClientSideUrlRedirectDataFlowConfiguration

DEPRECATED: Use ClientSideUrlRedirect::Configuration instead.

ClientSideUrlRedirectSanitizer

DEPRECATED: Use ClientSideUrlRedirect::Sanitizer instead.

ClientSideUrlRedirectSink

DEPRECATED: Use ClientSideUrlRedirect::Sink instead.

ClientSideUrlRedirectSource

DEPRECATED: Use ClientSideUrlRedirect::Source instead.