Member predicate TemplateObjInjectionConfig::isSanitizer
Holds if the intermediate node node
is a taint sanitizer, that is,
tainted values can not flow into or out of node
.
Note that this only blocks flow through nodes that operate directly on the tainted value.
An object containing a tainted value in a property can still flow into and out of node
.
To block such objects, override isBarrier
or use a labeled sanitizer to block the data
flow label.
For operations that check if a value is tainted or safe, use isSanitizerGuard
instead.
predicate isSanitizer(Node node)