Module Concepts
Provides abstract classes representing generic concepts such as file system access or system command execution, for which individual framework libraries provide concrete subclasses.
Import path
import codeql.ruby.ConceptsClasses
| CodeExecution | A data-flow node that dynamically executes Ruby code. |
| CookieSecurityConfigurationSetting | A data-flow node that may configure behavior relating to cookie security. |
| CsrfProtectionSetting | A data-flow node that may set or unset Cross-site request forgery protection. |
| Escaping | A data-flow node that escapes meta-characters, which could be used to prevent injection attacks. |
| FileNameSource | A data flow node that contains a file name or an array of file names from the local file system. |
| FileSystemAccess | A data flow node that performs a file system access, including reading and writing data, creating and deleting files and folders, checking and updating permissions, and so on. |
| FileSystemPermissionModification | A data flow node that sets the permissions for one or more files. |
| FileSystemReadAccess | A data flow node that reads data from the file system. |
| FileSystemWriteAccess | A data flow node that writes data to the file system. |
| HtmlEscaping | An escape of a string so it can be safely included in the body of an HTML element, for example, replacing |
| JwtDecoding | A data-flow node that decodes a Jwt token. |
| JwtEncoding | A data-flow node that encodes a Jwt token. |
| LdapBind | A data-flow node that collects methods binding a LDAP connection. |
| LdapConstruction | A data-flow node that constructs a LDAP query. |
| LdapExecution | A data-flow node that executes LDAP queries. |
| Logging | A data-flow node that logs data. |
| OrmInstantiation | A data-flow node that may represent a database object in an ORM system. |
| PersistentWriteAccess | A data flow node that writes persistent data. |
| RegexExecution | A data-flow node that executes a regular expression. |
| SqlConstruction | A data-flow node that constructs a SQL statement. |
| SqlExecution | A data-flow node that executes SQL statements. |
| SqlSanitization | A data-flow node that performs SQL sanitization. |
| SystemCommandExecution | A data flow node that executes an operating system command, for instance by spawning a new process. |
| TemplateConstruction | A data-flow node that constructs a template. |
| TemplateRendering | A data-flow node that renders templates. |
| XPathConstruction | A data-flow node that constructs an XPath expression. |
| XPathExecution | A data-flow node that executes an XPath expression. |
| XmlParserCall | A data-flow node that parses XML content. |
Modules
| CodeExecution | Provides a class for modeling new dynamic code execution APIs. |
| CookieSecurityConfigurationSetting | Provides a class for modeling new cookie security setting APIs. |
| Cryptography | Provides models for cryptographic concepts. |
| CsrfProtectionSetting | Provides a class for modeling new CSRF protection setting APIs. |
| Escaping | Provides a class for modeling new escaping APIs. |
| FileSystemAccess | Provides a class for modeling new file system access APIs. |
| FileSystemPermissionModification | Provides a class for modeling new file system permission modifications. |
| FileSystemReadAccess | Provides a class for modeling new file system reads. |
| FileSystemWriteAccess | Provides a class for modeling new file system writes. |
| Http | Provides classes for modeling HTTP-related APIs. |
| JwtDecoding | Provides a class for modeling new Jwt token encoding APIs. |
| JwtEncoding | Provides a class for modeling new Jwt token encoding APIs. |
| LdapBind | Provides classes for modeling LDAP bind-related APIs. |
| LdapConstruction | Provides a class for modeling new LDAP query construction APIs. |
| LdapExecution | Provides a class for modeling new LDAP query execution APIs. |
| Logging | Provides a class for modeling new logging mechanisms. |
| OrmInstantiation | Provides a class for modeling new ORM object instantiation APIs. |
| Path | Provides classes for modeling path-related APIs. |
| PersistentWriteAccess | Provides a class for modeling new persistent write access APIs. |
| RegexExecution | Provides classes for modeling new regular-expression execution APIs. |
| SqlConstruction | Provides a class for modeling new SQL execution APIs. |
| SqlExecution | Provides a class for modeling new SQL execution APIs. |
| SqlSanitization | Provides a class for modeling new SQL sanitization APIs. |
| SystemCommandExecution | Provides a class for modeling new operating system command APIs. |
| TemplateConstruction | Provides a class for modeling new template rendering APIs. |
| TemplateRendering | Provides a class for modeling new template rendering APIs. |
| XPathConstruction | Provides a class for modeling new XPath construction APIs. |
| XPathExecution | Provides a class for modeling new XPath execution APIs. |
| XmlParserCall | Provides a class for modeling new XML parsing APIs. |