mirror of
https://github.com/github/codeql.git
synced 2026-05-05 05:35:13 +02:00
Fix Pull Requests Problems
This commit is contained in:
Yunus AYDIN
@@ -1,12 +0,0 @@
|
||||
### Changelog for Web Cache Deception Query - CodeQL
|
||||
|
||||
- Initial release of the Web Cache Deception query for CodeQL.
|
||||
|
||||
#### Changes:
|
||||
- New query to detect potential Web Cache Deception vulnerabilities in web applications.
|
||||
- Included experimental examples of vulnerable (bad) and non-vulnerable (good) code patterns.
|
||||
|
||||
|
||||
#### Documentation and References:
|
||||
- [OWASP Web Cache Deception Attack](https://owasp.org/www-community/attacks/Web_Cache_Deception)
|
||||
- Additional documentation on query usage and configuration.
|
||||
@@ -1,28 +0,0 @@
|
||||
/**
|
||||
* @name Web Cache Deception
|
||||
* @description A caching system has been detected on the application and is vulnerable to web cache deception. By manipulating the URL it is possible to force the application to cache pages that are only accessible by an authenticated user. Once cached, these pages can be accessed by an unauthenticated user.
|
||||
* @kind path-problem
|
||||
* @problem.severity error
|
||||
* @security-severity 9
|
||||
* @precision high
|
||||
* @id go/web-cache-deception
|
||||
* @tags security
|
||||
* external/cwe/cwe-525
|
||||
*/
|
||||
|
||||
import go
|
||||
|
||||
from DataFlow::CallNode httpHandleFuncCall, DataFlow::CallNode call, DataFlow::Node predecessor, Expr predecessorExpr, CallExpr headerGetCall, Method get
|
||||
where
|
||||
httpHandleFuncCall.getTarget().hasQualifiedName("net/http", "HandleFunc") and
|
||||
httpHandleFuncCall.getNumArgument() > 1 and
|
||||
httpHandleFuncCall.getArgument(0).getType().toString() = "string" and
|
||||
httpHandleFuncCall.getArgument(0).toString().matches("%/\"") and
|
||||
// Trace the second argument's data flow to its predecessor
|
||||
predecessor = httpHandleFuncCall.getArgument(1).getAPredecessor() and
|
||||
// Find the corresponding expression for the predecessor
|
||||
get.hasQualifiedName("net/http", "Header", "Set") and
|
||||
call = get.getACall() and
|
||||
call.getArgument(0).toString().matches("\"Cache-Control\"")
|
||||
select httpHandleFuncCall.getArgument(0), call.getArgument(0)
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
{"languages":{"go":{"displayName":"Go","files":["WebCacheDeception.go"],"linesOfCode":67,"name":"go"}}}
|
||||
@@ -1,10 +0,0 @@
|
||||
---
|
||||
sourceLocationPrefix: /Users/yunus.aydin/Research/codeql-fork/go/ql/src/Security/CVE-525
|
||||
baselineLinesOfCode: 67
|
||||
unicodeNewlines: false
|
||||
columnKind: utf8
|
||||
primaryLanguage: go
|
||||
creationMetadata:
|
||||
cliVersion: 2.15.1
|
||||
creationTime: 2023-11-13T20:28:51.105630Z
|
||||
finalised: true
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user