Class ActionView::Helpers::RawHelperCall
A call to an ActionView helper which renders its argument without escaping.
The argument should be treated as an XSS sink. In the documentation for
classes in this module, the vulnerable argument is named x
.
Import path
import codeql.ruby.frameworks.ActionView
Direct supertypes
Predicates
getRawArgument | Gets an argument that is rendered without escaping. |
Inherited predicates
getAChild | Gets a child node of this | from AstNode |
getAChild | Gets a child of this node, which can also be retrieved using a predicate named | from MethodCall |
getAControlFlowEntryNode | Gets a control-flow entry node for this statement, if any | from Stmt |
getAControlFlowNode | Gets a control-flow node for this statement, if any. | from Stmt |
getAPrimaryQlClass | Gets the name of a primary CodeQL class to which this node belongs. | from MethodCall |
getATarget | Gets a potential target of this call, if any. | from Call |
getAnArgument | Gets an argument of this method call. | from Call |
getArgument | Gets the | from Call |
getBlock | Gets the block of this method call, if any. | from MethodCall |
getBlockArgument | Gets the block argument of this method call, if any. | from MethodCall |
getCfgScope | Gets the control-flow scope of this statement, if any. | from Stmt |
getConstantValue | Gets the constant value of this expression, if any. | from Expr |
getDesugared | Gets the desugared version of this AST node, if any. | from AstNode |
getEnclosingCallable | Gets the enclosing callable, if any. | from Stmt |
getEnclosingMethod | Gets the enclosing method, if any. | from AstNode |
getEnclosingModule | Gets the enclosing module, if any. | from AstNode |
getEnclosingToplevel | Gets the enclosing top-level. | from AstNode |
getFile | Gets the file of this node. | from AstNode |
getKeywordArgument | Gets the value of the keyword argument whose key is | from Call |
getLocation | Gets the location of this node. | from AstNode |
getMethodName | Gets the name of the method being called. For example, in: | from MethodCall |
getNumberOfArguments | Gets the number of arguments of this method call. | from Call |
getParent | Gets the parent of this | from AstNode |
getPrimaryQlClasses | Gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs. | from AstNode |
getReceiver | Gets the receiver of this call, if any. For example: | from MethodCall |
hasBlock | Holds if this method call has a block or block argument. | from MethodCall |
isSafeNavigation | Holds if the safe navigation operator ( | from MethodCall |
isSynthesized | Holds if this node was synthesized to represent an implicit AST node not present in the source code. In the following example method call, the receiver is an implicit | from AstNode |
toString | Gets a textual representation of this node. | from MethodCall |