@regele/devtools
A collection of developer utilities for code processing and text analysis
import * as parser from '@babel/parser';
import * as t from '@babel/types';
import { Rule } from '../rule';
import { CategoryType, CodeFinding, SeverityLevel } from '../../types';
/**
 * Rule to detect unsanitized user input reaching a dangerous sink.
 *
 * Security note: this is an AST-based heuristic operating on one file at a
 * time (`apply` receives a single `code`/`ast`/`filePath`), not a whole-program
 * taint analysis. It reports where a value that appears to come from one of
 * `inputSources` reaches one of `dangerousSinks` without a recognised call to
 * one of `sanitizationFunctions`. Treat findings as leads to verify, and do not
 * treat a clean run as proof that no injection path exists — sources, sinks and
 * sanitizers the rule does not know about are invisible to it, as is data that
 * crosses a function or module boundary.
 *
 * Findings default to {@link SeverityLevel.Critical}: a confirmed source-to-sink
 * flow is usually an injection vulnerability (XSS, command/code injection,
 * depending on the sink).
 */
export declare class UnsanitizedInputRule extends Rule {
  /** Stable identifier used to enable, disable or suppress this rule. */
  readonly id = "security-unsanitized-input";
  readonly name = "Unsanitized Input";
  readonly description = "Detects potentially dangerous use of unsanitized user input";
  readonly category = CategoryType.Security;
  /** Default severity of every finding this rule emits. */
  readonly defaultSeverity = SeverityLevel.Critical;
  /** The engine must hand this rule a parsed AST; the raw `code` string alone is not enough. */
  readonly requiresAST = true;
  /**
   * Names/patterns treated as origins of attacker-controlled data.
   * The element type is not visible in this declaration — presumably request
   * fields (query/params/body), DOM inputs and similar; confirm against the
   * implementation before relying on coverage of a specific source.
   */
  private readonly inputSources;
  /**
   * Names/patterns of sinks where tainted data is dangerous. Presumably
   * includes eval-style calls, HTML/DOM injection points and, given
   * `generateReactSuggestion` below, React's `dangerouslySetInnerHTML` —
   * confirm against the implementation.
   */
  private readonly dangerousSinks;
  /**
   * Function names whose call is accepted as neutralising tainted data.
   * NOTE(review): a name match cannot tell whether the sanitizer fits the
   * sink's context (HTML-escaping a value that ends up in a shell command
   * is still an injection). Keep this list tight and context-aware; a
   * permissive list turns the rule into a false-negative generator.
   */
  private readonly sanitizationFunctions;
  /**
   * Apply the rule to the given code.
   *
   * Presumably collects variables assigned from `inputSources` into the
   * `userInputVariables` set consumed by `containsUserInput`, then inspects
   * uses of `dangerousSinks` for unsanitized tainted arguments — confirm
   * against the implementation.
   *
   * @param code - Source code (used for reporting/suggestions; analysis is AST-driven)
   * @param ast - Parsed AST of `code`; required, see `requiresAST`
   * @param filePath - Path to the file, attached to each finding
   * @returns Array of findings (empty when nothing suspicious is found)
   */
  apply(code: string, ast: parser.ParseResult<t.File>, filePath: string): CodeFinding[];
  /**
   * Check if a node contains user input.
   *
   * Taint is decided by identifier membership in `userInputVariables`
   * (plus, presumably, direct references to `inputSources`). Reassigning a
   * tainted variable to a safe value later in the function may therefore
   * still be reported — TODO confirm how reassignment is handled.
   *
   * @param node - AST node
   * @param userInputVariables - Set of variables that might contain user input
   * @returns True if the node contains user input
   */
  private containsUserInput;
  /**
   * Check if a node is sanitized.
   *
   * Only the node itself is examined, so sanitization is presumably
   * recognised syntactically (a `sanitizationFunctions` call wrapping the
   * value at the sink). NOTE(review): a value sanitized earlier and stored
   * in a variable would then not be recognised here, producing a false
   * positive; a tainted value passed through an unlisted helper would be
   * missed, producing a false negative. Confirm which applies.
   *
   * @param node - AST node
   * @returns True if the node is sanitized
   */
  private isSanitized;
  /**
   * Generate a suggestion for sanitizing user input.
   *
   * The suggestion is a template keyed on the sink, not a verified rewrite
   * of the original expression; the right sanitizer depends on the sink's
   * output context, so reviewers should not apply it blindly.
   *
   * @param _ - Original code (unused)
   * @param sinkName - Name of the dangerous sink the finding targets
   * @returns Suggested code
   */
  protected generateSuggestion(_: string, sinkName?: string): string;
  /**
   * Generate a suggestion for sanitizing React dangerouslySetInnerHTML.
   *
   * Same caveat as `generateSuggestion`: a template, not a verified rewrite.
   *
   * @param _ - Original code (unused)
   * @returns Suggested code
   */
  protected generateReactSuggestion(_: string): string;
  /**
   * Get the name of the function containing this code.
   *
   * `path` is typed `any` in this declaration; it is presumably a Babel
   * traversal NodePath. TODO: narrow the type once the traversal types are
   * in scope, so subclasses cannot pass arbitrary values.
   *
   * @param path - AST path
   * @returns Function name or undefined when not inside a named function
   */
  protected getFunctionName(path: any): string | undefined;
}