CodeQL library for Ruby
codeql/ruby-all 0.8.15-dev (changelog, source)

Predicate UrlRedirect::actionControllerTaintedMethod

These methods return a new ActionController::Parameters or a Hash containing a subset of the original values. This may still contain user input, so the results are tainted. TODO: flesh this out to cover the whole API.

Import path

import codeql.ruby.security.UrlRedirectCustomizations
predicate actionControllerTaintedMethod(MethodCall m)
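
The point made in the description, shown in plain Ruby as an added example (not part of the CodeQL library or its documentation): selecting a subset of request parameters does not validate the values, so a redirect target still needs its own check. `FakeParams`, `safe_redirect_target` and `ALLOWED_HOSTS` are hypothetical names, and `FakeParams` is a minimal stand-in for `ActionController::Parameters` so the block runs without Rails.

```ruby
require "uri"

# Hypothetical stand-in for ActionController::Parameters (assumption: only
# #permit and #[] are modelled, which is enough to show the taint behaviour).
class FakeParams
  def initialize(hash)
    @hash = hash.transform_keys(&:to_s)
  end

  # Like the Rails method, returns a new object holding a subset of the keys.
  def permit(*keys)
    FakeParams.new(@hash.slice(*keys.map(&:to_s)))
  end

  def [](key)
    @hash[key.to_s]
  end
end

ALLOWED_HOSTS = ["app.example.com"].freeze # constructed allow-list

# Returns a value that is safe to hand to a redirect, or the fallback path.
def safe_redirect_target(value, fallback: "/")
  return fallback unless value.is_a?(String)
  return fallback if value.match?(/[\\\x00-\x1f]/) # backslashes, control chars
  uri = URI.parse(value)
  if uri.scheme.nil? && uri.host.nil?
    # Relative reference: accept only a path with a single leading slash.
    local = value.start_with?("/") && !value.start_with?("//")
    return local ? value : fallback
  end
  return value if uri.scheme == "https" && ALLOWED_HOSTS.include?(uri.host)
  fallback
rescue URI::InvalidURIError
  fallback
end

# Constructed request: "url" is user-controlled, "admin" is an extra key.
params = FakeParams.new("url" => "https://evil.example/login", "admin" => "1")
subset = params.permit(:url)
puts subset[:url]                        # key filtered, value unchanged
puts safe_redirect_target(subset[:url])  # validated before any redirect
```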