hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Port CorsMisconfigurationForCredentials

Browse Source
This commit is contained in:
Asger F
2023-10-05 09:13:42 +02:00
parent f14303acea
commit 30f1fbc10d
3 changed files with 32 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
javascript/ql/test/query-tests/Security/CWE-346/CorsMisconfigurationForCredentials.expected
View File

@@ -1,28 +1,15 @@
nodes
| tst.js:12:9:12:54 | origin |
| tst.js:12:18:12:41 | url.par ... , true) |
| tst.js:12:18:12:47 | url.par ... ).query |
| tst.js:12:18:12:54 | url.par ... .origin |
| tst.js:12:28:12:34 | req.url |
| tst.js:12:28:12:34 | req.url |
| tst.js:13:50:13:55 | origin |
| tst.js:13:50:13:55 | origin |
| tst.js:18:50:18:53 | null |
| tst.js:18:50:18:53 | null |
| tst.js:18:50:18:53 | null |
| tst.js:23:50:23:55 | "null" |
| tst.js:23:50:23:55 | "null" |
| tst.js:23:50:23:55 | "null" |
edges
| tst.js:12:9:12:54 | origin | tst.js:13:50:13:55 | origin |
| tst.js:12:9:12:54 | origin | tst.js:13:50:13:55 | origin |
| tst.js:12:18:12:41 | url.par ... , true) | tst.js:12:18:12:47 | url.par ... ).query |
| tst.js:12:18:12:47 | url.par ... ).query | tst.js:12:18:12:54 | url.par ... .origin |
| tst.js:12:18:12:54 | url.par ... .origin | tst.js:12:9:12:54 | origin |
| tst.js:12:18:12:41 | url.par ... , true) | tst.js:12:9:12:54 | origin |
| tst.js:12:28:12:34 | req.url | tst.js:12:18:12:41 | url.par ... , true) |
| tst.js:12:28:12:34 | req.url | tst.js:12:18:12:41 | url.par ... , true) |
| tst.js:18:50:18:53 | null | tst.js:18:50:18:53 | null |
| tst.js:23:50:23:55 | "null" | tst.js:23:50:23:55 | "null" |
nodes
| tst.js:12:9:12:54 | origin | semmle.label | origin |
| tst.js:12:18:12:41 | url.par ... , true) | semmle.label | url.par ... , true) |
| tst.js:12:28:12:34 | req.url | semmle.label | req.url |
| tst.js:13:50:13:55 | origin | semmle.label | origin |
| tst.js:18:50:18:53 | null | semmle.label | null |
| tst.js:23:50:23:55 | "null" | semmle.label | "null" |
subpaths
#select
| tst.js:13:50:13:55 | origin | tst.js:12:28:12:34 | req.url | tst.js:13:50:13:55 | origin | $@ leak vulnerability due to a $@. | tst.js:14:5:14:59 | res.set ... , true) | Credential | tst.js:12:28:12:34 | req.url | misconfigured CORS header value |
| tst.js:18:50:18:53 | null | tst.js:18:50:18:53 | null | tst.js:18:50:18:53 | null | $@ leak vulnerability due to a $@. | tst.js:19:5:19:59 | res.set ... , true) | Credential | tst.js:18:50:18:53 | null | misconfigured CORS header value |