Member predicate TemplateObjInjectionConfig::isSanitizerGuard
Holds if data flow node guard can act as a sanitizer when appearing in a condition.
For example, if guard is the comparison expression in if(x == 'some-constant'){ ... x ... }, it could sanitize flow of x into the “then” branch.
Note that this only handles checks that operate directly on the tainted value. Objects that contain a tainted value in a property may still flow across the check. To block such objects, use a labeled sanitizer guard to block the data label.
predicate isSanitizerGuard(SanitizerGuardNode guard)