Module CodeInjection::CodeInjection

Classes

AngularJSExpressionSink

An expression which may be interpreted as an AngularJS expression.

Configuration

A taint-tracking configuration for reasoning about code injection vulnerabilities.

EvalJavaScriptSink

An expression which may be evaluated as JavaScript.

LocationSource

An access to a property that may hold (parts of) the document URL.

NodeJSVmSink

An expression which may be evaluated as JavaScript in NodeJS using the vm module.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source for code injection.

Sanitizer

A sanitizer for code injection vulnerabilities.

Sink

A data flow sink for code injection vulnerabilities.

Source

A data flow source for code injection vulnerabilities.

WebViewInjectedJavaScriptSink

An expression which is injected as JavaScript into a React Native WebView.