diff --git a/python/ql/lib/semmle/python/Frameworks.qll b/python/ql/lib/semmle/python/Frameworks.qll
index 74d4dedd00c..da35994b955 100644
--- a/python/ql/lib/semmle/python/Frameworks.qll
+++ b/python/ql/lib/semmle/python/Frameworks.qll
@@ -15,6 +15,7 @@ private import semmle.python.frameworks.Anyio
 private import semmle.python.frameworks.Asyncpg
 private import semmle.python.frameworks.Baize
 private import semmle.python.frameworks.BSon
+private import semmle.python.frameworks.Bottle
 private import semmle.python.frameworks.CassandraDriver
 private import semmle.python.frameworks.Cherrypy
 private import semmle.python.frameworks.ClickhouseDriver
diff --git a/python/ql/lib/semmle/python/frameworks/Tornado.qll b/python/ql/lib/semmle/python/frameworks/Tornado.qll
index 7cfe381b1f9..a9bf79b7341 100644
--- a/python/ql/lib/semmle/python/frameworks/Tornado.qll
+++ b/python/ql/lib/semmle/python/frameworks/Tornado.qll
@@ -605,4 +605,25 @@ module Tornado {
     override DataFlow::Node getValueArg() { result in [this.getArg(1), this.getArgByName("value")] }
   }
+
+  /**
+   * A call to the `tornado.web.RequestHandler.set_header` method.
+   *
+   * See https://www.tornadoweb.org/en/stable/web.html#tornado.web.RequestHandler.set_header
+   */
+  class TornadoRequestHandlerSetHeaderCall extends Http::Server::ResponseHeaderWrite::Range,
+    DataFlow::MethodCallNode
+  {
+    TornadoRequestHandlerSetHeaderCall() {
+      this.calls(TornadoModule::Web::RequestHandler::instance(), "set_header")
+    }
+
+    override DataFlow::Node getNameArg() { result in [this.getArg(0), this.getArgByName("name")] }
+
+    override DataFlow::Node getValueArg() { result in [this.getArg(1), this.getArgByName("value")] }
+
+    override predicate nameAllowsNewline() { none() }
+
+    override predicate valueAllowsNewline() { none() }
+  }
 }
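Review bot: The two `none()` overrides in TornadoRequestHandlerSetHeaderCall record a framework-sanitization claim that the QLDoc does not justify, and they decide whether a set_header call is ever reported as a header-injection sink; for the name argument in particular the claim looks doubtful. As far as I recall, Tornado's `set_header` converts and validates only the value (raising on control characters such as CR/LF) while the name is passed through to the headers container with only case normalisation, so `nameAllowsNewline() { none() }` would suppress findings where user input reaches the header name — please confirm against the Tornado version being modelled before keeping it. Whichever way that check comes out, the class doc should state the reason, e.g. add to the QLDoc `* Tornado validates the header value and rejects control characters, so a value cannot introduce a new header line; the name is not validated in the same way.` and set `nameAllowsNewline` to match. The Bottle import added in Frameworks.qll has no corresponding Bottle.qll in this diff, so presumably that file lands in another commit.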