Module DomBasedXss::DomBasedXss

Classes

Configuration

A taint-tracking configuration for reasoning about XSS.

DangerouslySetInnerHtmlSink

A React dangerouslySetInnerHTML attribute, viewed as an XSS sink.

DomParserSink

An expression whose value is interpreted as HTML by a DOMParser.

DomSink

An expression whose value is interpreted as HTML or CSS and may be inserted into the DOM.

EmailHtmlBodySink

The HTML body of an email, viewed as an XSS sink.

LibrarySink

An expression whose value is interpreted as HTML and may be inserted into the DOM through a library.

LocationSource

An access of the URL of this page, or of the referrer to this page.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source for DOM-based XSS.

Sanitizer

A sanitizer for XSS vulnerabilities.

Sink

A data flow sink for XSS vulnerabilities.

Source

A data flow source for XSS vulnerabilities.