CodeQL library for Python
codeql/python-all 0.6.4 (changelog, source)
Search

Module XpathInjection

Models Xpath Injection related classes and functions

Import path

import semmle.python.security.dataflow.XpathInjectionCustomizations

Classes

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source.

Sanitizer

A sanitizer for “XPath injection” vulnerabilities.

SanitizerGuard

DEPRECATED: Use Sanitizer instead.

Sink

A data flow sink for “XPath injection” vulnerabilities.

Source

A data flow source for “XPath injection” vulnerabilities.

XPathConstructionArg

A construction of an XPath expression, considered as a sink.

XPathExecutionArg

An execution of an XPath expression, considered as a sink.