diff --git a/lib/brakeman/checks/check_cross_site_scripting.rb b/lib/brakeman/checks/check_cross_site_scripting.rb
index 12f34ae261e73a2dc6c2323674a3ac0f9cbfc718..311c348410570ac1033a2ef960aaa9cec7ccb971 100644
--- a/lib/brakeman/checks/check_cross_site_scripting.rb
+++ b/lib/brakeman/checks/check_cross_site_scripting.rb
@@ -325,7 +325,7 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
 end
 def ignore_call? target, method
- ignored_method?(method) or
+ ignored_method?(target, method) or
 safe_input_attribute?(target, method) or
 ignored_model_method?(method) or
 form_builder_method?(target, method) or
@@ -341,7 +341,7 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
 IGNORE_MODEL_METHODS.include? method
 end
- def ignored_method? method
+ def ignored_method? target, method
 @ignore_methods.include? method or method.to_s =~ IGNORE_LIKE
 end
diff --git a/lib/brakeman/checks/check_link_to_href.rb b/lib/brakeman/checks/check_link_to_href.rb
index 85ab589ceaf23c8e4e2a5ba9462f971a56815be8..d9a12e63072e493ce1c81a115a36ad37b4afab46 100644
--- a/lib/brakeman/checks/check_link_to_href.rb
+++ b/lib/brakeman/checks/check_link_to_href.rb
@@ -11,13 +11,11 @@ class Brakeman::CheckLinkToHref < Brakeman::CheckLinkTo
 @description = "Checks to see if values used for hrefs are sanitized using a :url_safe_method to protect against javascript:/data: XSS"
- IGNORE_LIKE = /_path$/
-
 def run_check @ignore_methods = Set[:button_to, :check_box, :field_field, :fields_for, :hidden_field, :hidden_field, :hidden_field_tag, :image_tag, :label,
- :mail_to, :radio_button, :select,
+ :mail_to, :polymorphic_url, :radio_button, :select,
 :submit_tag, :text_area, :text_field, :text_field_tag, :url_encode, :url_for, :will_paginate].merge(tracker.options[:url_safe_methods] || [])
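Review bot: The new `target` parameter on the base `ignored_method?` in check_cross_site_scripting.rb is never read in its body; it only exists so that subclass overrides (the one in check_link_to_href.rb in this same commit) can share the arity with the call site in `ignore_call?`. Naming it `_target` or adding a one-line comment would make that explicit, e.g. `# target is unused here; kept so subclasses can override with (target, method) and use the receiver`. Any other subclass that still defines the one-argument form would now raise an ArgumentError when `ignore_call?` invokes it, which is worth confirming across the other checks. The body of `ignore_call?` continues past the end of its hunk.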
@@ -93,7 +91,9 @@ class Brakeman::CheckLinkToHref < Brakeman::CheckLinkTo
 end
 end
- def ignored_method? method
- @ignore_methods.include? method or method.to_s =~ IGNORE_LIKE
+ def ignored_method? target, method
+ @ignore_methods.include? method or
+ method.to_s =~ /_path$/ or
+ (target.nil? and method.to_s =~ /_url$/)
 end
 end
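Review bot: The added `(target.nil? and method.to_s =~ /_url$/)` clause on the last line of `ignored_method?` treats every receiverless call whose name ends in `_url` as a safe href source, which covers application-defined view helpers with that suffix (for instance a `return_url` helper that reads `params`) and not only Rails route helpers, so a `link_to` whose href comes from such a helper will no longer be reported. If the tracker exposes the routes, limiting the match to route-derived names would keep the false-positive fix without this blind spot; otherwise the assumption should at least be stated, e.g. `# Receiverless *_url calls are assumed to be Rails route helpers; app helpers with that suffix are skipped too`. For both regexes `\z` would be a tighter anchor than `$`, which also matches before an embedded newline, though a method-name symbol is unlikely to contain one.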