import * as parser from '@babel/parser'; import * as t from '@babel/types'; import { Rule } from '../rule'; import { CategoryType, CodeFinding, SeverityLevel } from '../../types'; /** * Rule to detect unsanitized user input */ export declare class UnsanitizedInputRule extends Rule { readonly id = "security-unsanitized-input"; readonly name = "Unsanitized Input"; readonly description = "Detects potentially dangerous use of unsanitized user input"; readonly category = CategoryType.Security; readonly defaultSeverity = SeverityLevel.Critical; readonly requiresAST = true; private readonly inputSources; private readonly dangerousSinks; private readonly sanitizationFunctions; /** * Apply the rule to the given code * * @param code - Source code * @param ast - Parsed AST * @param filePath - Path to the file * @returns Array of findings */ apply(code: string, ast: parser.ParseResult, filePath: string): CodeFinding[]; /** * Check if a node contains user input * * @param node - AST node * @param userInputVariables - Set of variables that might contain user input * @returns True if the node contains user input */ private containsUserInput; /** * Check if a node is sanitized * * @param node - AST node * @returns True if the node is sanitized */ private isSanitized; /** * Generate a suggestion for sanitizing user input * * @param _ - Original code (unused) * @param sinkName - Name of the dangerous sink * @returns Suggested code */ protected generateSuggestion(_: string, sinkName?: string): string; /** * Generate a suggestion for sanitizing React dangerouslySetInnerHTML * * @param _ - Original code (unused) * @returns Suggested code */ protected generateReactSuggestion(_: string): string; /** * Get the name of the function containing this code * * @param path - AST path * @returns Function name or undefined */ protected getFunctionName(path: any): string | undefined; }