TaintedXpath

Emitted when user-controlled input can be passed into an XPath query.

```php
<?php

function queryExpression(SimpleXMLElement $xml) : array|false|null {
    $expression = $_GET["expression"];
    return $xml->xpath($expression);
}
```
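
One way to avoid handing the whole expression to the request, shown as an added example that is not part of the Psalm documentation: keep the query shape fixed in code and encode only the user-supplied value as an XPath 1.0 string literal. The function names, the sample XML and the `xpath` taint-kind name used in the annotation are assumptions.

```php
<?php

declare(strict_types=1);

/**
 * Encode an arbitrary string as an XPath 1.0 string literal.
 * XPath 1.0 has no escape character, so a value that contains both
 * quote types has to be assembled with concat().
 *
 * Assumption: Psalm's taint kind for this issue is named "xpath".
 *
 * @psalm-taint-escape xpath
 */
function xpathLiteral(string $value): string
{
    if (!str_contains($value, "'")) {
        return "'" . $value . "'";
    }
    if (!str_contains($value, '"')) {
        return '"' . $value . '"';
    }
    // Both quote types present: split on ' and re-join each ' as "'".
    $parts = array_map(
        static fn (string $p): string => "'" . $p . "'",
        explode("'", $value)
    );
    return 'concat(' . implode(", \"'\", ", $parts) . ')';
}

/** The query shape is fixed here; the caller only supplies a value. */
function findUserByName(SimpleXMLElement $xml, string $name): array|false|null
{
    return $xml->xpath('/users/user[name=' . xpathLiteral($name) . ']');
}

// Constructed sample document and inputs (hypothetical data).
$xml = new SimpleXMLElement(
    '<users><user><name>alice</name><role>admin</role></user>'
    . '<user><name>bob</name><role>guest</role></user></users>'
);

// A plain name, a quote-breaking value, and a value with both quote types.
$inputs = ['bob', "' or '1'='1", "O'Brien \"the\" 3rd"];
foreach ($inputs as $name) {
    $hits = findUserByName($xml, $name);
    printf("%-22s => %d match(es)\n", $name, is_array($hits) ? count($hits) : 0);
}
```

Only `bob` matches a node; the other two inputs are compared as literal strings and cannot change the structure of the query.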