src/eric7/Documentation/Source/eric7.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability.html

Fri, 27 Oct 2023 14:09:40 +0200

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Fri, 27 Oct 2023 14:09:40 +0200
branch
eric7
changeset 10259
b51dfacef37f
parent 10070
9f5758c0fec1
child 10479
856476537696
permissions
-rw-r--r--

Regenerated the source documentation with the corrected module parser.

<!DOCTYPE html>
<html><head>
<title>eric7.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability</title>
<meta charset="UTF-8">
<link rel="stylesheet" href="styles.css">
</head>
<body>
<a NAME="top" ID="top"></a>
<h1>eric7.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.djangoXssVulnerability</h1>

<p>
Module implementing checks for potential XSS vulnerability.
</p>
<h3>Global Attributes</h3>

<table>
<tr><td>None</td></tr>
</table>
<h3>Classes</h3>

<table>

<tr>
<td><a href="#DeepAssignation">DeepAssignation</a></td>
<td>Class to perform a deep analysis of an assign.</td>
</tr>
</table>
<h3>Functions</h3>

<table>

<tr>
<td><a href="#checkDjangoXssVulnerability">checkDjangoXssVulnerability</a></td>
<td>Function to check for potential XSS vulnerability.</td>
</tr>
<tr>
<td><a href="#checkPotentialRisk">checkPotentialRisk</a></td>
<td>Function to check a given node for a potential XSS vulnerability.</td>
</tr>
<tr>
<td><a href="#evaluateCall">evaluateCall</a></td>
<td>Function to evaluate a call node for potential XSS vulnerability.</td>
</tr>
<tr>
<td><a href="#evaluateVar">evaluateVar</a></td>
<td>Function to evaluate a variable node for potential XSS vulnerability.</td>
</tr>
<tr>
<td><a href="#getChecks">getChecks</a></td>
<td>Public method to get a dictionary with checks handled by this module.</td>
</tr>
<tr>
<td><a href="#transform2call">transform2call</a></td>
<td>Function to transform a variable node to a call node.</td>
</tr>
</table>
<hr />
<hr />
<a NAME="DeepAssignation" ID="DeepAssignation"></a>
<h2>DeepAssignation</h2>

<p>
    Class to perform a deep analysis of an assign.
</p>
<h3>Derived from</h3>
None
<h3>Class Attributes</h3>

<table>
<tr><td>None</td></tr>
</table>
<h3>Class Methods</h3>

<table>
<tr><td>None</td></tr>
</table>
<h3>Methods</h3>

<table>

<tr>
<td><a href="#DeepAssignation.__init__">DeepAssignation</a></td>
<td>Constructor</td>
</tr>
<tr>
<td><a href="#DeepAssignation.isAssigned">isAssigned</a></td>
<td>Public method to check assignment against a given node.</td>
</tr>
<tr>
<td><a href="#DeepAssignation.isAssignedIn">isAssignedIn</a></td>
<td>Public method to check if the variable is assigned to.</td>
</tr>
</table>
<h3>Static Methods</h3>

<table>
<tr><td>None</td></tr>
</table>

<a NAME="DeepAssignation.__init__" ID="DeepAssignation.__init__"></a>
<h4>DeepAssignation (Constructor)</h4>
<b>DeepAssignation</b>(<i>varName, ignoreNodes=None</i>)

<p>
        Constructor
</p>
<dl>

<dt><i>varName</i> (str)</dt>
<dd>
name of the variable
</dd>
<dt><i>ignoreNodes</i> (list of ast.AST)</dt>
<dd>
list of nodes to ignore
</dd>
</dl>
<a NAME="DeepAssignation.isAssigned" ID="DeepAssignation.isAssigned"></a>
<h4>DeepAssignation.isAssigned</h4>
<b>isAssigned</b>(<i>node</i>)

<p>
        Public method to check assignment against a given node.
</p>
<dl>

<dt><i>node</i> (ast.AST)</dt>
<dd>
node to check against
</dd>
</dl>
<dl>
<dt>Return:</dt>
<dd>
flag indicating an assignment
</dd>
</dl>
<dl>
<dt>Return Type:</dt>
<dd>
bool
</dd>
</dl>
<a NAME="DeepAssignation.isAssignedIn" ID="DeepAssignation.isAssignedIn"></a>
<h4>DeepAssignation.isAssignedIn</h4>
<b>isAssignedIn</b>(<i>items</i>)

<p>
        Public method to check if the variable is assigned to.
</p>
<dl>

<dt><i>items</i> (list of ast.AST)</dt>
<dd>
list of nodes to check against
</dd>
</dl>
<dl>
<dt>Return:</dt>
<dd>
list of nodes assigned
</dd>
</dl>
<dl>
<dt>Return Type:</dt>
<dd>
list of ast.AST
</dd>
</dl>
<div align="right"><a href="#top">Up</a></div>
<hr />
<hr />
<a NAME="checkDjangoXssVulnerability" ID="checkDjangoXssVulnerability"></a>
<h2>checkDjangoXssVulnerability</h2>
<b>checkDjangoXssVulnerability</b>(<i>reportError, context, config</i>)

<p>
    Function to check for potential XSS vulnerability.
</p>
<dl>

<dt><i>reportError</i> (func)</dt>
<dd>
function to be used to report errors
</dd>
<dt><i>context</i> (SecurityContext)</dt>
<dd>
security context object
</dd>
<dt><i>config</i> (dict)</dt>
<dd>
dictionary with configuration data
</dd>
</dl>
<div align="right"><a href="#top">Up</a></div>
<hr />
<hr />
<a NAME="checkPotentialRisk" ID="checkPotentialRisk"></a>
<h2>checkPotentialRisk</h2>
<b>checkPotentialRisk</b>(<i>reportError, node</i>)

<p>
    Function to check a given node for a potential XSS vulnerability.
</p>
<dl>

<dt><i>reportError</i> (func)</dt>
<dd>
function to be used to report errors
</dd>
<dt><i>node</i> (ast.Call)</dt>
<dd>
node to be checked
</dd>
</dl>
<div align="right"><a href="#top">Up</a></div>
<hr />
<hr />
<a NAME="evaluateCall" ID="evaluateCall"></a>
<h2>evaluateCall</h2>
<b>evaluateCall</b>(<i>call, parent, ignoreNodes=None</i>)

<p>
    Function to evaluate a call node for potential XSS vulnerability.
</p>
<dl>

<dt><i>call</i> (ast.Call)</dt>
<dd>
call node to be checked
</dd>
<dt><i>parent</i> (ast.AST)</dt>
<dd>
parent node
</dd>
<dt><i>ignoreNodes</i> (list of ast.AST)</dt>
<dd>
list of nodes to ignore
</dd>
</dl>
<dl>
<dt>Return:</dt>
<dd>
flag indicating a secure evaluation
</dd>
</dl>
<dl>
<dt>Return Type:</dt>
<dd>
bool
</dd>
</dl>
<div align="right"><a href="#top">Up</a></div>
<hr />
<hr />
<a NAME="evaluateVar" ID="evaluateVar"></a>
<h2>evaluateVar</h2>
<b>evaluateVar</b>(<i>xssVar, parent, until, ignoreNodes=None</i>)

<p>
    Function to evaluate a variable node for potential XSS vulnerability.
</p>
<dl>

<dt><i>xssVar</i> (ast.Name)</dt>
<dd>
variable node to be checked
</dd>
<dt><i>parent</i> (ast.AST)</dt>
<dd>
parent node
</dd>
<dt><i>until</i> (int)</dt>
<dd>
end line number to evaluate variable against
</dd>
<dt><i>ignoreNodes</i> (list of ast.AST)</dt>
<dd>
list of nodes to ignore
</dd>
</dl>
<dl>
<dt>Return:</dt>
<dd>
flag indicating a secure evaluation
</dd>
</dl>
<dl>
<dt>Return Type:</dt>
<dd>
bool
</dd>
</dl>
<div align="right"><a href="#top">Up</a></div>
<hr />
<hr />
<a NAME="getChecks" ID="getChecks"></a>
<h2>getChecks</h2>
<b>getChecks</b>(<i></i>)

<p>
    Public method to get a dictionary with checks handled by this module.
</p>
<dl>
<dt>Return:</dt>
<dd>
dictionary containing checker lists, each containing a checker function
        and a list of codes
</dd>
</dl>
<dl>
<dt>Return Type:</dt>
<dd>
dict
</dd>
</dl>
<div align="right"><a href="#top">Up</a></div>
<hr />
<hr />
<a NAME="transform2call" ID="transform2call"></a>
<h2>transform2call</h2>
<b>transform2call</b>(<i>var</i>)

<p>
    Function to transform a variable node to a call node.
</p>
<dl>

<dt><i>var</i> (ast.BinOp)</dt>
<dd>
variable node
</dd>
</dl>
<dl>
<dt>Return:</dt>
<dd>
call node
</dd>
</dl>
<dl>
<dt>Return Type:</dt>
<dd>
ast.Call
</dd>
</dl>
<div align="right"><a href="#top">Up</a></div>
<hr />
</body></html>
