CodeQL library for C#
codeql/csharp-all 0.9.0 (changelog, source)
Index
Search

Module XPathInjectionQuery

Provides a taint-tracking configuration for reasoning about untrusted user input used in XPath expression.

Import path

import semmle.code.csharp.security.dataflow.XPathInjectionQuery

Imports

csharp

The default C# QL library.

Classes

RemoteSource

DEPRECATED: Use ThreatModelSource instead.

Sanitizer

A sanitizer for untrusted user input used in XPath expression.

Sink

A data flow sink for untrusted user input used in XPath expression.

Source

A data flow source for untrusted user input used in XPath expression.

TaintTrackingConfiguration

DEPRECATED: Use XpathInjection instead.

ThreatModelSource

A source supported by the current threat model.

XPathExpressionCompileSink

The xpath argument to an XPathExpression.Compile(..) call.

XmlNavigatorSink

The xpath argument to an XPathNavigator call.

XmlNodeSink

The xpath argument to an XmlNode.Select*Node*(..) call.

Modules

XpathInjectionConfig

A taint-tracking configuration for untrusted user input used in XPath expression.

Aliases

XpathInjection

A taint-tracking module for untrusted user input used in XPath expression.