CodeQL library for Ruby
codeql/ruby-all 3.0.3-dev

Module MassAssignment

Provides default sources, sinks, sanitizers, and flow steps for detecting insecure mass assignment, as well as extension points for adding your own.

Import path

import codeql.ruby.security.MassAssignmentCustomizations

Classes

MassPermit

A call that permits arbitrary parameters to be used for mass assignment.

Sanitizer

A sanitizer for insecure mass assignment.

Sink

A data flow sink for user input used for mass assignment.

Source

A data flow source for user input used for mass assignment.