QL tests for Python queries and libraries.

2026-05-05 21:55:19 +02:00 · 2018-11-19 15:15:54 +00:00
parent 90c75cd362
commit 05b69a1c0f
1140 changed files with 32676 additions and 0 deletions
--- a/python/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected
+++ b/python/ql/test/query-tests/Security/CWE-079/ReflectedXss.expected
@@ -0,0 +1 @@
+| ../lib/flask/__init__.py:16:25:16:26 | flask.response.argument | Cross-site scripting vulnerability due to $@. | reflected_xss.py:7:18:7:29 | flask.request.args | user-provided value |
--- a/python/ql/test/query-tests/Security/CWE-079/ReflectedXss.qlref
+++ b/python/ql/test/query-tests/Security/CWE-079/ReflectedXss.qlref
@@ -0,0 +1 @@
+Security/CWE-079/ReflectedXss.ql
--- a/python/ql/test/query-tests/Security/CWE-079/options
+++ b/python/ql/test/query-tests/Security/CWE-079/options
@@ -0,0 +1 @@
+semmle-extractor-options: -p ../lib/ --max-import-depth=3
--- a/python/ql/test/query-tests/Security/CWE-079/reflected_xss.py
+++ b/python/ql/test/query-tests/Security/CWE-079/reflected_xss.py
@@ -0,0 +1,18 @@
+from flask import Flask, request, make_response, escape
+
+app = Flask(__name__)
+
+@app.route('/unsafe')
+def unsafe():
+    first_name = request.args.get('name', '')
+    return make_response("Your name is " + first_name)
+
+@app.route('/safe')
+def safe():
+    first_name = request.args.get('name', '')
+    return make_response("Your name is " + escape(first_name))
+
+urlpatterns = [
+    url(r'^r1$', response_unsafe, name='response-unsafe'),
+    url(r'^r2$', response_safe, name='response-safe')
+]
				`@@ -0,0 +1 @@`
				`\| ../lib/flask/__init__.py:16:25:16:26 \| flask.response.argument \| Cross-site scripting vulnerability due to $@. \| reflected_xss.py:7:18:7:29 \| flask.request.args \| user-provided value \|`
				`@@ -0,0 +1 @@`
				`semmle-extractor-options: -p ../lib/ --max-import-depth=3`