Merge branch 'main' into threat-models

python/ql/test/query-tests/Security/CWE-942-CorsMisconfigurationMiddleware/CorsMisconfigurationMiddleware.expected

@@ -0,0 +1,2 @@
+| fastapi.py:10:1:16:1 | ControlFlowNode for Attribute() | This CORS middleware uses a vulnerable configuration that allows arbitrary websites to make authenticated cross-site requests |
+| starlette.py:8:5:8:75 | ControlFlowNode for Middleware() | This CORS middleware uses a vulnerable configuration that allows arbitrary websites to make authenticated cross-site requests |

python/ql/test/query-tests/Security/CWE-942-CorsMisconfigurationMiddleware/CorsMisconfigurationMiddleware.qlref

@@ -0,0 +1 @@
+experimental/Security/CWE-942/CorsMisconfigurationMiddleware.ql

python/ql/test/query-tests/Security/CWE-942-CorsMisconfigurationMiddleware/fastapi.py

@@ -0,0 +1,21 @@
+from fastapi import FastAPI
+from fastapi.middleware.cors import CORSMiddleware
+
+app = FastAPI()
+
+origins = [
+    "*"
+]
+
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=origins,
+    allow_credentials=True,
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
+
+@app.get("/")
+async def main():
+    return {"message": "Hello World"}

python/ql/test/query-tests/Security/CWE-942-CorsMisconfigurationMiddleware/starlette.py

@@ -0,0 +1,11 @@
+from starlette.applications import Starlette
+from starlette.middleware import Middleware
+from starlette.middleware.cors import CORSMiddleware
+
+routes = ...
+
+middleware = [
+    Middleware(CORSMiddleware, allow_origins=['*'], allow_credentials=True)
+]
+
+app = Starlette(routes=routes, middleware=middleware)