mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-06 19:35:13 +02:00
8 lines
238 B
Ruby
8 lines
238 B
Ruby
# Baseline: expression is a compile-time constant. No taint reaches
|
|
# `doc.xpath` so no XPATH_INJECTION finding fires.
|
|
require 'nokogiri'
|
|
|
|
def lookup
|
|
doc = Nokogiri::XML(File.read("users.xml"))
|
|
doc.xpath("//user[@role='admin']")
|
|
end
|