Rules for detecting security issues in Angular 1.x
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
lib
tests/rules
.eslintrc
.gitignore
README.md
package-lock.json
package.json

README.md

AngularJS Security Rules For ESLint

These rules are to supplement the security issues documented in my talks at OWASP London and FluentConf around AngularJS Security.

They are currently used as points of interest that would need to be investigate further, but in the upcoming releases they will be a lot more useful when developers write code.

Usage

These rules can be used by downloading the Config which includes the installation settings.

Rules

The current ruleset supports only Angular 1.x issues, and can be noisy, but they are a work in progress.

Current rules are:

  • detect-angular-element-methods
  • detect-angular-open-redirect
  • detect-angular-orderBy-expressions
  • detect-angular-resource-loading
  • detect-angular-sce-disabled
  • detect-angular-scope-expressions
  • detect-angular-service-expressions
  • detect-angular-trustAs-methods
  • detect-angular-trustAsCss-method
  • detect-angular-trustAsHtml-method
  • detect-angular-sce-disabled
  • detect-angular-trustAsJs-method
  • detect-angular-trustAsResourceUrl-method
  • detect-angular-trustAsUrl-method
  • detect-third-party-angular-translate

TODO:

  • Each rule needs better detection, and possibly taint analysis
  • Add more rules related to Angular 1.0 - 5 in mind.
  • Add Angular 2/4 security issues such as bypassSecurityTrustHtml

If you feel anything is missing or would like to see additional rules added, feel free to write an issue