Move Net::HTTP modelling into http_clients module

This seems a more convenient place to keep all the HTTP client modelling.
2026-04-25 16:55:19 +02:00 · 2021-09-22 09:18:52 +01:00
parent b658bacab3
commit 5826f2c279
7 changed files with 15 additions and 9 deletions
--- a/ql/lib/codeql/ruby/Frameworks.qll
+++ b/ql/lib/codeql/ruby/Frameworks.qll
@@ -7,3 +7,4 @@ private import codeql.ruby.frameworks.ActiveRecord
 private import codeql.ruby.frameworks.ActionView
 private import codeql.ruby.frameworks.StandardLibrary
 private import codeql.ruby.frameworks.Files
+private import codeql.ruby.frameworks.HTTPClients
--- a/ql/lib/codeql/ruby/frameworks/HTTPClients.qll
+++ b/ql/lib/codeql/ruby/frameworks/HTTPClients.qll
@@ -0,0 +1,5 @@
+/**
+ * Helper file that imports all HTTP clients.
+ */
+
+private import codeql.ruby.frameworks.http_clients.NetHTTP
--- a/ql/lib/codeql/ruby/frameworks/http_clients/NetHTTP.qll
+++ b/ql/lib/codeql/ruby/frameworks/http_clients/NetHTTP.qll
--- a/ql/test/library-tests/frameworks/http_clients/NetHTTP.expected
+++ b/ql/test/library-tests/frameworks/http_clients/NetHTTP.expected
@@ -0,0 +1,8 @@
+| NetHTTP.rb:4:1:4:18 | call to get | NetHTTP.rb:4:1:4:18 | call to get |
+| NetHTTP.rb:6:8:6:50 | call to post | NetHTTP.rb:7:1:7:9 | call to body |
+| NetHTTP.rb:6:8:6:50 | call to post | NetHTTP.rb:8:1:8:14 | call to read_body |
+| NetHTTP.rb:6:8:6:50 | call to post | NetHTTP.rb:9:1:9:11 | call to entity |
+| NetHTTP.rb:13:6:13:17 | call to get | NetHTTP.rb:18:1:18:7 | call to body |
+| NetHTTP.rb:14:6:14:18 | call to post | NetHTTP.rb:19:1:19:12 | call to read_body |
+| NetHTTP.rb:15:6:15:17 | call to put | NetHTTP.rb:20:1:20:9 | call to entity |
+| NetHTTP.rb:24:3:24:33 | call to get | NetHTTP.rb:27:1:27:28 | call to body |
--- a/ql/test/library-tests/frameworks/http_clients/NetHTTP.ql
+++ b/ql/test/library-tests/frameworks/http_clients/NetHTTP.ql
@@ -1,4 +1,4 @@
-import codeql.ruby.frameworks.stdlib.net.HTTP
+import codeql.ruby.frameworks.http_clients.NetHTTP
 import codeql.ruby.DataFlow

 query DataFlow::Node netHTTPRequests(NetHTTPRequest e) { result = e.getResponseBody() }
--- a/ql/test/library-tests/frameworks/http_clients/NetHTTP.rb
+++ b/ql/test/library-tests/frameworks/http_clients/NetHTTP.rb
--- a/ql/test/library-tests/frameworks/stdlib/net/Http.expected
+++ b/ql/test/library-tests/frameworks/stdlib/net/Http.expected
@@ -1,8 +0,0 @@
-| HTTP.rb:4:1:4:18 | call to get | HTTP.rb:4:1:4:18 | call to get |
-| HTTP.rb:6:8:6:50 | call to post | HTTP.rb:7:1:7:9 | call to body |
-| HTTP.rb:6:8:6:50 | call to post | HTTP.rb:8:1:8:14 | call to read_body |
-| HTTP.rb:6:8:6:50 | call to post | HTTP.rb:9:1:9:11 | call to entity |
-| HTTP.rb:13:6:13:17 | call to get | HTTP.rb:18:1:18:7 | call to body |
-| HTTP.rb:14:6:14:18 | call to post | HTTP.rb:19:1:19:12 | call to read_body |
-| HTTP.rb:15:6:15:17 | call to put | HTTP.rb:20:1:20:9 | call to entity |
-| HTTP.rb:24:3:24:33 | call to get | HTTP.rb:27:1:27:28 | call to body |