hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: limit rb/sensitive-get-query to data from query params

Browse Source
This commit is contained in:
Alex Ford
2022-10-05 12:57:57 +01:00
parent 977e8a8a6f
commit 084efe062a
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ruby/ql/lib/codeql/ruby/security/SensitiveGetQueryCustomizations.qll
View File

@@ -32,7 +32,8 @@ module SensitiveGetQuery {
RequestInputAccessSource() {
handler = this.asExpr().getExpr().getEnclosingMethod() and
handler.getAnHttpMethod() = "get"
handler.getAnHttpMethod() = "get" and
this.getSourceType().matches(["%params%", "%parameters%"])
}
override Http::Server::RequestHandler getHandler() { result = handler }