Expand description
§API Guide
§For End Users
Most applications should use the high-level detection functions:
detect_sqli- Main SQL injection detection (recommended)detect_sqli_with_flags- SQL injection detection with custom flagsdetect_xss- Cross-site scripting detectionversion- Library version information
These functions handle all the complexity of testing multiple contexts and SQL dialects automatically, returning simple results.
§For Advanced Users and Debugging
For debugging, performance analysis, or advanced customization, you can access the lower-level APIs:
SqliState- Direct access to SQL parsing state and tokenizationXssDetector- Direct XSS detection with context controlFingerprint- SQL injection fingerprint analysis
These APIs expose the internal parsing state, tokens, and folding mechanisms that power the detection logic. They are primarily intended for:
- Debugging: Understanding why certain inputs are flagged
- Performance: Avoiding repeated parsing for multiple checks
- Research: Analyzing the tokenization and folding process
- Testing: Validating behavior against the C reference implementation
Most applications should not use these lower-level APIs unless they have specific requirements that the high-level functions cannot meet.
Re-exports§
pub use sqli::SqliState;pub use sqli::SqliFlags;pub use sqli::Fingerprint;pub use xss::XssDetector;pub use xss::XssResult;
Modules§
Structs§
- Detection
Result - Result of an injection detection operation.
- Parse
Error
Enums§
- Error
- Injection
Type - The type of injection detected by libinjection.
Functions§
- detect_
sqli - Detects SQL injection in the given input using default flags.
- detect_
sqli_ with_ flags - Detects SQL injection in the given input with specific parsing flags.
- detect_
xss - Detects Cross-Site Scripting (XSS) in the given input.
- version
- Returns the version of the libinjection library.