Module XNetHtml
Provides classes modeling security-relevant aspects of the golang.org/x/net/html
subpackage.
Currently we support the unmarshalling aspect of this package, conducting taint from an untrusted
reader to an untrusted Node
tree or Tokenizer
instance, as well as simple remarshalling of Node
s
that were already untrusted. We do not yet model adding a child Node
to a tree then calling Render
yielding an untrustworthy string.
Import path
import semmle.go.frameworks.XNetHtml
Imports
go | Provides classes for working with Go programs. |
Modules
XNetHtml | Provides models of commonly used functions in the |