1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-12 01:09:38 +01:00
psalm/docs/running_psalm/issues/TaintedXpath.md
2023-08-31 05:44:57 +02:00

254 B

TaintedXpath

Emitted when user-controlled input can be passed into to a xpath query.

<?php

function queryExpression(SimpleXMLElement $xml) : array|false|null {
    $expression = $_GET["expression"];
    return $xml->xpath($expression);
}