CodeQL library for Python
codeql/python-all 0.9.2 ( changelog , source )

Class XML :: XPathConstruction

A data-flow node that constructs an XPath expression.

Often, it is worthy of an alert if an XPath expression is constructed such that executing it would be a security risk.

If it is important that the XPath expression is indeed executed, then use XPathExecution.

Extend this class to refine existing API models. If you want to model new APIs, extend XPathConstruction::Range instead.

Import path

import semmle.python.Concepts

Direct supertypes

Indirect supertypes



Gets the name of this XPath expression construction, typically the name of an executing method. This is used for nice alert messages and should include the module if possible.


Gets the argument that specifies the XPath expressions to be constructed.

Inherited predicates


Gets the control-flow node corresponding to this node, if any.

from Node

Gets the expression corresponding to this node, if any.

from Node

Gets the ESSA variable corresponding to this node, if any.

from Node

Gets a local source node from which data may flow to this node in zero or more local data-flow steps.

from Node

Gets the enclosing callable of this node.

from Node

Gets the location of this node

from Node

Gets the scope of this node.

from Node

Holds if this element is at the specified location. The location spans column startcolumn of line startline to column endcolumn of line endline in file filepath. For more information, see Locations.

from Node

Gets a textual representation of this element.

from Node