Module XPathInjection
Provides extension points for reasoning about untrusted user input used in an XPath expression.
Import path
import semmle.go.security.XPathInjectionCustomizations
Classes
Sanitizer | A sanitizer for untrusted user input used in an XPath expression. |
Sink | A data flow sink for untrusted user input used in an XPath expression. |
Source | A data flow source for untrusted user input used in an XPath expression. |
UntrustedFlowAsSource | DEPRECATED: Use |
XPathExpressionStringAsSink | An XPath expression string, considered as a taint sink for XPath injection. |