CodeQL library for Ruby
codeql/ruby-all 3.0.3-dev (changelog, source)
Index
Search

Module ActionView::Helpers

Action view helper methods which are XSS sinks.

Import path

import codeql.ruby.frameworks.ActionView

Classes

RawHelperCall

A call to an ActionView helper which renders its argument without escaping. The argument should be treated as an XSS sink. In the documentation for classes in this module, the vulnerable argument is named x.