Class TemplateConstruction::Range
A data-flow node that constructs a template.
Often, it is worthy of an alert if a template is constructed such that executing it would be a security risk.
If it is important that the template is rendered, use TemplateRendering
.
Extend this class to model new APIs. If you want to refine existing API models,
extend TemplateConstruction
instead.
Import path
import codeql.ruby.Concepts
Direct supertypes
Indirect supertypes
Known direct subtypes
Predicates
getTemplate | Gets the argument that specifies the template to be constructed. |
Inherited predicates
asCallable | Gets the callable corresponding to this block, lambda expression, or call to | from Node |
asExpr | Gets the expression corresponding to this node, if any. | from Node |
asParameter | Gets the parameter corresponding to this node, if any. | from Node |
backtrack | Starts backtracking from this node using API graphs. | from Node |
getALocalSource | Gets a local source node from which data may flow to this node in zero or more local data-flow steps. | from Node |
getAPredecessor | Gets a data flow node from which data may flow to this node in one local step. | from Node |
getASuccessor | Gets a data flow node to which data may flow from this node in one local step. | from Node |
getConstantValue | Gets the constant value of this expression, if any. | from Node |
getEnclosingMethod | Gets the enclosing method, if any. | from Node |
getLocation | Gets the location of this node. | from Node |
hasLocationInfo | Holds if this element is at the specified location. The location spans column | from Node |
toString | Gets a textual representation of this node. | from Node |