A sanitizer for flow into a string interpolation component, provided that component does not form a prefix of the string.
This is useful for URLs and paths, where the fixed prefix prevents the user from controlling the target.
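The following added Ruby example (not part of the CodeQL library or of this page) shows why the position of the interpolated component matters, by resolving each built string the way a redirect target is resolved. The host `app.example.test`, the helper names and the sample values are constructed for illustration.

```ruby
require "uri"

BASE = "https://app.example.test/" # constructed site origin (assumption)

# Interpolated component forms the prefix: the value can supply scheme and host.
def value_as_prefix(value)
  "#{value}/account"
end

# Interpolated component follows a fixed prefix that already names the host.
def value_after_fixed_prefix(value)
  "https://app.example.test/users/#{value}"
end

# Host a client would contact after resolving `url` against BASE,
# the way a redirect target or link is resolved.
def target_host(url)
  URI.join(BASE, url).host
rescue URI::Error
  nil
end

# Constructed sample inputs: relative, absolute and scheme-relative values.
SAMPLES = ["alice", "https://other.example.test", "//other.example.test"].freeze

# Maps each sample to the host reached through each construction.
def compare_hosts
  SAMPLES.to_h do |v|
    [v, { prefix: target_host(value_as_prefix(v)),
          fixed: target_host(value_after_fixed_prefix(v)) }]
  end
end

if __FILE__ == $PROGRAM_NAME
  compare_hosts.each do |v, h|
    puts format("%-30s prefix=%-20s fixed=%s", v.inspect, h[:prefix], h[:fixed])
  end
end
```

With the value as the prefix, the absolute and scheme-relative samples move the target to another host; after the fixed prefix every sample stays on `app.example.test`.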
Import path
import codeql.ruby.dataflow.Sanitizers
Direct supertypes
Indirect supertypes
Known direct subtypes
Inherited predicates
| Predicate | Description | Defined in |
| --- | --- | --- |
| asCallable | Gets the callable corresponding to this block, lambda expression, or call to | from Node |
| asExpr | Gets the expression corresponding to this node, if any. | from Node |
| asParameter | Gets the parameter corresponding to this node, if any. | from Node |
| backtrack | Starts backtracking from this node using API graphs. | from Node |
| getALocalSource | Gets a local source node from which data may flow to this node in zero or more local data-flow steps. | from Node |
| getAPredecessor | Gets a data flow node from which data may flow to this node in one local step. | from Node |
| getASuccessor | Gets a data flow node to which data may flow from this node in one local step. | from Node |
| getConstantValue | Gets the constant value of this expression, if any. | from Node |
| getEnclosingMethod | Gets the enclosing method, if any. | from Node |
| getLocation | Gets the location of this node. | from Node |
| hasLocationInfo | Holds if this element is at the specified location. The location spans column | from Node |
| toString | Gets a textual representation of this node. | from Node |