danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2025-01-22 05:41:20 +01:00
Code Issues Projects Releases Wiki Activity

Add reference to the has_quotes taint

Browse Source
This commit is contained in:
Matthew Brown 2021-06-26 16:04:04 -04:00 committed by GitHub
parent 19cc4cb4ee
commit 74ec3affc2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/security_analysis/index.md
View File

@ -26,6 +26,7 @@ Psalm recognises a number of taint types by default, defined in the [Psalm\Type\
- `sql` - used for strings that could contain SQL - `sql` - used for strings that could contain SQL
- `ldap` - used for strings that could contain a ldap DN or filter - `ldap` - used for strings that could contain a ldap DN or filter
- `html` - used for strings that could contain angle brackets or unquoted strings - `html` - used for strings that could contain angle brackets or unquoted strings
- `has_quotes` - used for strings that could contain unquoted strings
- `shell` - used for strings that could contain shell commands - `shell` - used for strings that could contain shell commands
- `callable` - used for callable strings that could be user-controlled - `callable` - used for callable strings that could be user-controlled
- `unserialize` - used for strings that could contain a serialized string - `unserialize` - used for strings that could contain a serialized string