# This preset enables Java warning classes whose significance is 'security'.
#
# Every rule in this file is appended to WARNING_FILTER with "+=" and uses
# the "allow" action; nothing here disables a class.
# NOTE(review): the effective result presumably depends on where this
# preset is processed relative to other WARNING_FILTER rules. Confirm the
# rule precedence in the analyzer documentation before relying on it.
#
# NOTE(review): class names are quoted strings, and several use unusual
# capitalization (for example "Unsafe hash comparison (Java)" and
# "Insecure verifier Override for Hostname (Java)"). Presumably they must
# match the analyzer's own class names exactly, so do not normalize them
# without checking: a rule that matches nothing would leave the check off
# without any visible error in this file.
#
# Enable the advanced injection engine for deeper taint propagation.
# NOTE(review): the cost in analysis time is not stated in this file;
# measure it on a representative project before enabling it everywhere.
#
JAVA_ANALYSIS_ADVANCED_INJECTION = Yes
#
# These warning classes are disabled by default.
# Without the rules in this group they are not reported at all, so a
# security review that depends on them needs this preset (or equivalent
# rules) to be in effect.
#
WARNING_FILTER += allow class="Android Message Injection (Java)"
WARNING_FILTER += allow class="Android URL Injection (Java)"
WARNING_FILTER += allow class="Certificate Added to Root Store (Java)"
WARNING_FILTER += allow class="Deprecated Transfer Protocol (Java)"
WARNING_FILTER += allow class="Deserializable Class (Java)"
WARNING_FILTER += allow class="Deserializing Non-Serializable Class (Java)"
WARNING_FILTER += allow class="Hardcoded IP Address (Java)"
WARNING_FILTER += allow class="Inadequate Salt (Java)"
WARNING_FILTER += allow class="Method Disables Security Setting (Java)"
WARNING_FILTER += allow class="Security Annotation Conflict (Java)"
WARNING_FILTER += allow class="Sensitive Data Cached (Java)"
WARNING_FILTER += allow class="Sensitive Data Written to External Storage (Java)"
WARNING_FILTER += allow class="Sensitive Data Written to Local File (Java)"
WARNING_FILTER += allow class="Unsafe Base64 Encoding (Java)"

# Classes below are enabled by default: they are included for
# completeness, in case they have been disabled by a previous rule.
# Note that this default enabling means that a class may remain
# enabled even if its WARNING_FILTER rule is commented out below.
# In other words, commenting out a line in this group is not a way to
# switch that class off; that needs an explicit disabling rule
# (TODO confirm the exact rule syntax in the analyzer documentation).

WARNING_FILTER += allow class="Accessing File in Permissive Mode (Java)"
WARNING_FILTER += allow class="Anonymous LDAP Authentication (Java)"
WARNING_FILTER += allow class="Code Injection (Java)"
WARNING_FILTER += allow class="Command Injection (Java)"
WARNING_FILTER += allow class="Cross Site Scripting (Java)"
WARNING_FILTER += allow class="Cross Site Scripting In Error Message Web Page (Java)"
WARNING_FILTER += allow class="Cryptographic Algorithm with Risky Default Cipher (Java)"
WARNING_FILTER += allow class="Cryptographic Algorithm with Weak Cipher (Java)"
WARNING_FILTER += allow class="Cryptographic Algorithm with Weak Hash (Java)"
WARNING_FILTER += allow class="DLL Injection (Java)"
WARNING_FILTER += allow class="DOS Injection (Java)"
WARNING_FILTER += allow class="Deprecated Cryptography Provider (Java)"
WARNING_FILTER += allow class="Direct Thread Usage in Http Servlet (Java)"
WARNING_FILTER += allow class="Exception Information Disclosure (Java)"
WARNING_FILTER += allow class="Execution After Redirect (Java)"
WARNING_FILTER += allow class="Format String Injection (Java)"
WARNING_FILTER += allow class="Fragment Injection (Java)"
WARNING_FILTER += allow class="Hardcoded Cryptographic Key (Java)"
WARNING_FILTER += allow class="Hardcoded Password (Java)"
WARNING_FILTER += allow class="Hardcoded Random Seed (Java)"
WARNING_FILTER += allow class="Hostname in Condition (Java)"
WARNING_FILTER += allow class="Ineffective Cleansing of Fragment Taint (Java)"
WARNING_FILTER += allow class="Insecure Cookie (Java)"
WARNING_FILTER += allow class="Insecure Key Derivation (Java)"
WARNING_FILTER += allow class="Insecure Random Number Generator (Java)"
WARNING_FILTER += allow class="Insecure Socket Factory (Java)"
WARNING_FILTER += allow class="Insecure XSLT Execution (Java)"
WARNING_FILTER += allow class="Insecure verifier Override for Hostname (Java)"
WARNING_FILTER += allow class="Insecure verify Override for Certificate (Java)"
WARNING_FILTER += allow class="JavaScript Enabled (Java)"
WARNING_FILTER += allow class="JavaScript File Access from File URLs (Java)"
WARNING_FILTER += allow class="LDAP Authentication Disabled (Java)"
WARNING_FILTER += allow class="Legacy Random Generator (Java)"
WARNING_FILTER += allow class="Missing Authentication Annotation (Java)"
WARNING_FILTER += allow class="Missing Required Cryptographic Step (Java)"
WARNING_FILTER += allow class="Open Redirect (Java)"
WARNING_FILTER += allow class="Password in Property File (Java)"
WARNING_FILTER += allow class="Permissive File Mode (Java)"
WARNING_FILTER += allow class="Possible XML External Entity Reference (Java)"
WARNING_FILTER += allow class="Potential LDAP Poisoning (Java)"
WARNING_FILTER += allow class="Reflection Injection (Java)"
WARNING_FILTER += allow class="Risky Cipher Algorithm (Java)"
WARNING_FILTER += allow class="Risky Cipher Field (Java)"
WARNING_FILTER += allow class="Risky Cryptographic Algorithm (Java)"
WARNING_FILTER += allow class="Risky Cryptographic Field (Java)"
WARNING_FILTER += allow class="Risky JavaScript Interface (Java)"
WARNING_FILTER += allow class="SQL Injection (Java)"
WARNING_FILTER += allow class="Tainted @Trusted Value (Java)"
WARNING_FILTER += allow class="Tainted Allocation Size (Java)"
WARNING_FILTER += allow class="Tainted Bundle (Java)"
WARNING_FILTER += allow class="Tainted Control (Java)"
WARNING_FILTER += allow class="Tainted Data in Vulnerable Method (Java)"
WARNING_FILTER += allow class="Tainted Expression Evaluation (Java)"
WARNING_FILTER += allow class="Tainted HTTP Response (Java)"
WARNING_FILTER += allow class="Tainted Hardware Device Property (Java)"
WARNING_FILTER += allow class="Tainted LDAP Attribute (Java)"
WARNING_FILTER += allow class="Tainted LDAP Filter (Java)"
WARNING_FILTER += allow class="Tainted Log (Java)"
WARNING_FILTER += allow class="Tainted Message (Java)"
WARNING_FILTER += allow class="Tainted Network Address (Java)"
WARNING_FILTER += allow class="Tainted Path (Java)"
WARNING_FILTER += allow class="Tainted Regular Expression (Java)"
WARNING_FILTER += allow class="Tainted Resource (Java)"
WARNING_FILTER += allow class="Tainted Session (Java)"
WARNING_FILTER += allow class="Tainted URL (Java)"
WARNING_FILTER += allow class="Tainted XAML (Java)"
WARNING_FILTER += allow class="Tainted XML (Java)"
WARNING_FILTER += allow class="Tainted Xpath (Java)"
WARNING_FILTER += allow class="Universal JavaScript Access to File URLs (Java)"
WARNING_FILTER += allow class="Unsafe Session Expiration Time (Java)"
WARNING_FILTER += allow class="Unsafe hash comparison (Java)"
WARNING_FILTER += allow class="Untrusted Network Host (Java)"
WARNING_FILTER += allow class="Use of Hardware ID (Java)"
WARNING_FILTER += allow class="Use of Hash without a Salt (Java)"
WARNING_FILTER += allow class="Use of Insecure verify for Certificate (Java)"
WARNING_FILTER += allow class="Use of Insecure verify for Hostname (Java)"
WARNING_FILTER += allow class="Use of Same Seed (Java)"
WARNING_FILTER += allow class="Weak Cryptographic Value (Java)"
WARNING_FILTER += allow class="Weak Hash Algorithm (Java)"
WARNING_FILTER += allow class="Weak Hash Algorithm Field (Java)"
WARNING_FILTER += allow class="Weak Initialization Vector Field (Java)"
WARNING_FILTER += allow class="Weak Initialization Vector Value (Java)"