Merge both setAllowContentAccess queries into one query

Previously, the query to detect whether or not access to `content://`
links was done using two queries.

Now they can be merged into one query

java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql

@@ -1,21 +0,0 @@
-/**
- * @name Android WebSettings content access
- * @description Access to content providers in a WebView can enable JavaScript to access protected information.
- * @kind problem
- * @id java/android/websettings-content-access
- * @problem.severity warning
- * @security-severity 6.5
- * @precision medium
- * @tags security
- *       external/cwe/cwe-200
- */
-
-import java
-import semmle.code.java.frameworks.android.WebView
-
-from MethodAccess ma
-where
-  ma.getMethod() instanceof AllowContentAccessMethod and
-  ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = true
-select ma,
-  "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted."

java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql

@@ -94,7 +94,19 @@ class WebViewDisallowContentAccessConfiguration extends TaintTracking::Configura
   }
 }
 
-from WebViewSource source
-where not any(WebViewDisallowContentAccessConfiguration cfg).hasFlow(source, _)
-select source,
+from Expr e
+where
+  // explicit: setAllowContentAccess(true)
+  exists(MethodAccess ma |
+    ma = e and
+    ma.getMethod() instanceof AllowContentAccessMethod and
+    ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = true
+  )
+  or
+  // implicit: no setAllowContentAccess(false)
+  exists(WebViewSource source |
+    source.asExpr() = e and
+    not any(WebViewDisallowContentAccessConfiguration cfg).hasFlow(source, _)
+  )
+select e,
   "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted."