Move CORS misconfiguration query from experimental to Security

javascript/ql/lib/semmle/javascript/security/CorsPermissiveConfigurationCustomizations.qll

@@ -5,8 +5,8 @@
  */
 
 import javascript
-import Cors::Cors
-import Apollo::Apollo
+private import semmle.javascript.frameworks.Apollo
+private import semmle.javascript.frameworks.Cors
 
 /** Module containing sources, sinks, and sanitizers for overly permissive CORS configurations. */
 module CorsPermissiveConfiguration {
@@ -105,7 +105,7 @@ module CorsPermissiveConfiguration {
    */
   class CorsApolloServer extends Sink, DataFlow::ValueNode {
     CorsApolloServer() {
-      exists(ApolloServer agql |
+      exists(Apollo::ApolloServer agql |
         this =
           agql.getOptionArgument(0, "cors").getALocalSource().getAPropertyWrite("origin").getRhs()
       )
@@ -125,7 +125,7 @@ module CorsPermissiveConfiguration {
    * An express route setup configured with the `cors` package.
    */
   class CorsConfiguration extends DataFlow::MethodCallNode {
-    Cors corsConfig;
+    Cors::Cors corsConfig;
 
     CorsConfiguration() {
       exists(Express::RouteSetup setup | this = setup |
@@ -136,6 +136,6 @@ module CorsPermissiveConfiguration {
     }
 
     /** Gets the expression that configures `cors` on this route setup. */
-    Cors getCorsConfiguration() { result = corsConfig }
+    Cors::Cors getCorsConfiguration() { result = corsConfig }
   }
 }

javascript/ql/src/Security/CWE-942/CorsPermissiveConfiguration.ql

@@ -1,5 +1,5 @@
 /**
- * @name overly CORS configuration
+ * @name Permissive CORS configuration
  * @description Misconfiguration of CORS HTTP headers allows CSRF attacks.
  * @kind path-problem
  * @problem.severity error
@@ -11,11 +11,12 @@
  */
 
 import javascript
-import CorsPermissiveConfigurationQuery
-import CorsPermissiveConfigurationFlow::PathGraph
+import semmle.javascript.security.CorsPermissiveConfigurationQuery as CorsQuery
+import CorsQuery::CorsPermissiveConfigurationFlow::PathGraph
 
 from
-  CorsPermissiveConfigurationFlow::PathNode source, CorsPermissiveConfigurationFlow::PathNode sink
-where CorsPermissiveConfigurationFlow::flowPath(source, sink)
+  CorsQuery::CorsPermissiveConfigurationFlow::PathNode source,
+  CorsQuery::CorsPermissiveConfigurationFlow::PathNode sink
+where CorsQuery::CorsPermissiveConfigurationFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "CORS Origin misconfiguration due to a $@.", source.getNode(),
   "too permissive or user controlled value"

javascript/ql/test/experimental/Security/CWE-942/CorsPermissiveConfiguration.qlref

@@ -1 +0,0 @@
-./experimental/Security/CWE-942/CorsPermissiveConfiguration.ql

javascript/ql/test/query-tests/Security/CWE-942/CorsPermissiveConfiguration.qlref

@@ -0,0 +1 @@
+Security/CWE-942/CorsPermissiveConfiguration.ql