CodeQL library for Go
codeql/go-all 2.1.3 (changelog, source)
Search

Predicate hostnameSanitizingPrefixEdge

Holds if data that flows from source to sink cannot affect the hostname or scheme of the resulting string when interpreted as a URL.

This is considered as a sanitizing edge for the URL redirection queries.

Import path

import semmle.go.security.UrlConcatenation
predicate hostnameSanitizingPrefixEdge(Node source, Node sink)