Class ApexXSSFromURLParamRule
- java.lang.Object
-
- net.sourceforge.pmd.properties.AbstractPropertySource
-
- net.sourceforge.pmd.lang.rule.AbstractRule
-
- net.sourceforge.pmd.lang.apex.rule.AbstractApexRule
-
- net.sourceforge.pmd.lang.apex.rule.security.ApexXSSFromURLParamRule
-
- All Implemented Interfaces:
ApexParserVisitor,net.sourceforge.pmd.lang.rule.ImmutableLanguage,net.sourceforge.pmd.properties.PropertySource,net.sourceforge.pmd.renderers.CodeClimateRule,net.sourceforge.pmd.Rule
public class ApexXSSFromURLParamRule extends AbstractApexRule
Detects potential XSS when controller extracts a variable from URL query and uses it without escaping first- Author:
- sergey.gorbaty
-
-
Field Summary
-
Fields inherited from class net.sourceforge.pmd.properties.AbstractPropertySource
propertyDescriptors, propertyValuesByDescriptor
-
-
Constructor Summary
Constructors Constructor Description ApexXSSFromURLParamRule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.Objectvisit(ASTAssignmentExpression node, java.lang.Object data)java.lang.Objectvisit(ASTFieldDeclaration node, java.lang.Object data)java.lang.Objectvisit(ASTMethodCallExpression node, java.lang.Object data)java.lang.Objectvisit(ASTReturnStatement node, java.lang.Object data)java.lang.Objectvisit(ASTUserClass node, java.lang.Object data)java.lang.Objectvisit(ASTVariableDeclaration node, java.lang.Object data)-
Methods inherited from class net.sourceforge.pmd.lang.apex.rule.AbstractApexRule
apply, getParserOptions, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visitAll
-
Methods inherited from class net.sourceforge.pmd.properties.AbstractPropertySource
copyPropertyDescriptors, copyPropertyValues, definePropertyDescriptor, dysfunctionReason, getPropertiesByPropertyDescriptor, getProperty, getPropertyDescriptor, getPropertyDescriptors, hasDescriptor, ignoredProperties, setProperty, setProperty, useDefaultValueFor, usesDefaultValues
-
Methods inherited from class net.sourceforge.pmd.lang.rule.AbstractRule
addExample, addRuleChainVisit, addRuleChainVisit, addViolation, addViolation, addViolation, addViolationWithMessage, addViolationWithMessage, addViolationWithMessage, deepCopy, deepCopyValuesTo, end, equals, getDescription, getExamples, getExternalInfoUrl, getLanguage, getMaximumLanguageVersion, getMessage, getMinimumLanguageVersion, getName, getPriority, getRuleChainVisits, getRuleClass, getRuleSetName, getSince, hashCode, isDeprecated, isDfa, isMultifile, isRuleChain, isTypeResolution, setDeprecated, setDescription, setDfa, setExternalInfoUrl, setLanguage, setMaximumLanguageVersion, setMessage, setMinimumLanguageVersion, setMultifile, setName, setPriority, setRuleClass, setRuleSetName, setSince, setTypeResolution, setUsesDFA, setUsesMultifile, setUsesTypeResolution, start, usesDFA, usesMultifile, usesRuleChain, usesTypeResolution
-
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.sourceforge.pmd.properties.PropertySource
definePropertyDescriptor, dysfunctionReason, getPropertiesByPropertyDescriptor, getProperty, getPropertyDescriptor, getPropertyDescriptors, hasDescriptor, ignoredProperties, setProperty, setProperty, useDefaultValueFor, usesDefaultValues
-
Methods inherited from interface net.sourceforge.pmd.Rule
addExample, addRuleChainVisit, addRuleChainVisit, deepCopy, end, getDescription, getExamples, getExternalInfoUrl, getLanguage, getMaximumLanguageVersion, getMessage, getMinimumLanguageVersion, getName, getPriority, getRuleChainVisits, getRuleClass, getRuleSetName, getSince, isDeprecated, isDfa, isMultifile, isRuleChain, isTypeResolution, setDeprecated, setDescription, setDfa, setExternalInfoUrl, setLanguage, setMaximumLanguageVersion, setMessage, setMinimumLanguageVersion, setMultifile, setName, setPriority, setRuleClass, setRuleSetName, setSince, setTypeResolution, setUsesDFA, setUsesMultifile, setUsesTypeResolution, start, usesDFA, usesMultifile, usesRuleChain, usesTypeResolution
-
-
-
-
Method Detail
-
visit
public java.lang.Object visit(ASTUserClass node, java.lang.Object data)
- Specified by:
visitin interfaceApexParserVisitor- Overrides:
visitin classAbstractApexRule
-
visit
public java.lang.Object visit(ASTAssignmentExpression node, java.lang.Object data)
- Specified by:
visitin interfaceApexParserVisitor- Overrides:
visitin classAbstractApexRule
-
visit
public java.lang.Object visit(ASTVariableDeclaration node, java.lang.Object data)
- Specified by:
visitin interfaceApexParserVisitor- Overrides:
visitin classAbstractApexRule
-
visit
public java.lang.Object visit(ASTFieldDeclaration node, java.lang.Object data)
- Specified by:
visitin interfaceApexParserVisitor- Overrides:
visitin classAbstractApexRule
-
visit
public java.lang.Object visit(ASTMethodCallExpression node, java.lang.Object data)
- Specified by:
visitin interfaceApexParserVisitor- Overrides:
visitin classAbstractApexRule
-
visit
public java.lang.Object visit(ASTReturnStatement node, java.lang.Object data)
- Specified by:
visitin interfaceApexParserVisitor- Overrides:
visitin classAbstractApexRule
-
-