CodeQL library for Java/Kotlin
codeql/java-all 4.2.1 (changelog, source)
Search

Class TemplateInjectionSanitizerWithState

DEPRECATED: Open-ended flow state is not intended to be part of the extension points.

A sanitizer for server-side template injection (SST) vulnerabilities. This sanitizer is only applicable when TemplateInjectionSanitizerWithState::hasState holds for the flow state.

Import path

import semmle.code.java.security.TemplateInjection

Direct supertypes

Indirect supertypes

Predicates

hasState

DEPRECATED: Open-ended flow state is not intended to be part of the extension points.

Inherited predicates

asExpr

Gets the expression corresponding to this node, if any.

from Node
asParameter

Gets the parameter corresponding to this node, if any.

from Node
getEnclosingCallable

Gets the callable in which this node occurs.

from Node
getLocation

Gets the source location for this element.

from Node
getType

Gets the type of this node.

from Node
getTypeBound

Gets an upper bound on the type of this node.

from Node
hasLocationInfo

Holds if this element is at the specified location. The location spans column startcolumn of line startline to column endcolumn of line endline in file filepath. For more information, see Locations.

from Node
toString

Gets a textual representation of this element.

from Node