CodeQL library for Python
codeql/python-all 2.1.1-dev (changelog, source)
Search

Class Escaping::Range

A data-flow node that escapes meta-characters, which could be used to prevent injection attacks.

Extend this class to model new APIs. If you want to refine existing API models, extend Escaping instead.

Import path

import semmle.python.Concepts

Direct supertypes

Indirect supertypes

Known direct subtypes

    Predicates

    getAnInput

    Gets an input that will be escaped.

    getKind

    Gets the context that this function escapes for.

    getOutput

    Gets the output that contains the escaped data.

    Inherited predicates

    asCfgNode

    Gets the control-flow node corresponding to this node, if any.

    from Node
    asExpr

    Gets the expression corresponding to this node, if any.

    from Node
    getALocalSource

    Gets a local source node from which data may flow to this node in zero or more local data-flow steps.

    from Node
    getEnclosingCallable

    Gets the enclosing callable of this node.

    from Node
    getLocation

    Gets the location of this node

    from Node
    getScope

    Gets the scope of this node.

    from Node
    hasLocationInfo

    Holds if this element is at the specified location. The location spans column startcolumn of line startline to column endcolumn of line endline in file filepath. For more information, see Locations.

    from Node
    toString

    Gets a textual representation of this element.

    from Node