hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

support host for http-proxy client requests

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2021-02-25 16:00:44 +01:00
parent cc48172fd8
commit 214aa072b9
3 changed files with 24 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
javascript/ql/src/semmle/javascript/frameworks/HttpProxy.qll
View File

@@ -21,7 +21,9 @@ private module HttpProxy {
override DataFlow::Node getUrl() { result = getParameter(0).getMember("target").getARhs() }
override DataFlow::Node getHost() { none() }
override DataFlow::Node getHost() {
result = getParameter(0).getMember("target").getMember("host").getARhs()
}
override DataFlow::Node getADataNode() { none() }
}
@@ -37,17 +39,21 @@ private module HttpProxy {
this = any(CreateServerCall server).getReturn().getMember(method).getACall()
}
override DataFlow::Node getUrl() {
private API::Node getOptionsObject() {
exists(int optionsIndex |
method = "web" and optionsIndex = 2
or
method = "ws" and optionsIndex = 3
|
result = getParameter(optionsIndex).getMember("target").getARhs()
result = getParameter(optionsIndex)
)
}
override DataFlow::Node getHost() { none() }
override DataFlow::Node getUrl() { result = getOptionsObject().getMember("target").getARhs() }
override DataFlow::Node getHost() {
result = getOptionsObject().getMember("target").getMember("host").getARhs()
}
override DataFlow::Node getADataNode() { none() }
}