hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Deduplicate predicate in HostHeaderPoisoningQuery

Browse Source
This commit is contained in:
Asger F
2024-03-13 11:27:18 +01:00
parent 11983faccf
commit 0a2050bc42
1 changed files with 2 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
javascript/ql/lib/semmle/javascript/security/dataflow/HostHeaderPoisoningInEmailGenerationQuery.qll
View File

@@ -30,14 +30,7 @@ module HostHeaderPoisoningFlow = TaintTracking::Global<HostHeaderPoisoningConfig
deprecated class Configuration extends TaintTracking::Configuration {
Configuration() { this = "TaintedHostHeader" }
override predicate isSource(DataFlow::Node node) {
exists(Http::RequestHeaderAccess input | node = input |
input.getKind() = "header" and
input.getAHeaderName() = "host"
)
}
override predicate isSource(DataFlow::Node node) { HostHeaderPoisoningConfig::isSource(node) }
override predicate isSink(DataFlow::Node node) {
exists(EmailSender email | node = email.getABody())
}
override predicate isSink(DataFlow::Node node) { HostHeaderPoisoningConfig::isSink(node) }
}