| Class | Brakeman::CheckContentTag |
| In: | lib/brakeman/checks/check_content_tag.rb |
| Parent: | Brakeman::CheckCrossSiteScripting |
Checks for unescaped values in `content_tag`

    content_tag :tag, body
                      ^-- Unescaped in Rails 2.x

    content_tag :tag, body, attribute => value
                              ^-- Unescaped in all versions

    content_tag :tag, body, attribute => value
                                           ^
                                           |
                                    Escaped by default, can be explicitly escaped
                                    or not by passing in (true|false) as fourth argument
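
The positions in the diagram above, shown as an added example (not Brakeman's or Rails' own code). `model_content_tag`, `permitted_attributes`, `ALLOWED_ATTRIBUTES` and `UNTRUSTED` are hypothetical names; the model assumes Rails 3+ defaults and only mirrors which positions are HTML-escaped.

```ruby
require "erb"

# Simplified model of the escaping in the diagram above (Rails 3+ defaults).
# Assumption: this is not Rails' implementation; it only mirrors which
# positions get HTML-escaped.
def model_content_tag(tag, body, attrs = {}, escape = true)
  rendered = attrs.map do |name, value|
    value = ERB::Util.html_escape(value) if escape  # value: escaped by default
    %( #{name}="#{value}")                          # name: emitted verbatim
  end.join
  "<#{tag}#{rendered}>#{ERB::Util.html_escape(body)}</#{tag}>"
end

# Hypothetical guard: only fixed names or strict data-* names pass through.
ALLOWED_ATTRIBUTES = %w[class id title].freeze

def permitted_attributes(attrs)
  attrs.each_with_object({}) do |(name, value), out|
    name = name.to_s
    ok = ALLOWED_ATTRIBUTES.include?(name) || name.match?(/\Adata-[a-z0-9-]+\z/)
    out[name] = value if ok
  end
end

# Constructed sample input: one attribute name carries a quote and a space.
UNTRUSTED = { "class" => %(note"x), %(title" data-injected="1) => "y" }.freeze

if __FILE__ == $PROGRAM_NAME
  # Unfiltered: the quote in the attribute name reaches the markup as-is.
  puts model_content_tag(:p, "<hi>", UNTRUSTED)
  # Filtered: the unexpected name is dropped, the value is still escaped.
  puts model_content_tag(:p, "<hi>", permitted_attributes(UNTRUSTED))
end
```

Filtering attribute names before the call covers the one position that value escaping never reaches.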