mirror of
https://github.com/github/codeql.git
synced 2026-04-30 19:26:02 +02:00
JS: add ClientRequest::getHost
This commit is contained in:
Esben Sparre Andreasen
@@ -21,6 +21,11 @@ abstract class CustomClientRequest extends DataFlow::InvokeNode {
|
||||
*/
|
||||
abstract DataFlow::Node getUrl();
|
||||
|
||||
/**
|
||||
* Gets the host of the request.
|
||||
*/
|
||||
abstract DataFlow::Node getHost();
|
||||
|
||||
/**
|
||||
* Gets a node that contributes to the data-part this request.
|
||||
*/
|
||||
@@ -50,6 +55,13 @@ class ClientRequest extends DataFlow::InvokeNode {
|
||||
result = custom.getUrl()
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the host of the request.
|
||||
*/
|
||||
DataFlow::Node getHost() {
|
||||
result = custom.getHost()
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets a node that contributes to the data-part this request.
|
||||
*/
|
||||
@@ -102,6 +114,10 @@ private class RequestUrlRequest extends CustomClientRequest {
|
||||
result = getOptionArgument(0, urlPropertyName())
|
||||
}
|
||||
|
||||
override DataFlow::Node getHost() {
|
||||
none()
|
||||
}
|
||||
|
||||
override DataFlow::Node getADataNode() {
|
||||
result = getArgument(1)
|
||||
}
|
||||
@@ -126,10 +142,18 @@ private class AxiosUrlRequest extends CustomClientRequest {
|
||||
)
|
||||
}
|
||||
|
||||
private DataFlow::Node getOptionArgument(string name) {
|
||||
// depends on the method name and the call arity, over-approximating slightly in the name of simplicity
|
||||
result = getOptionArgument([0..2], name)
|
||||
}
|
||||
|
||||
override DataFlow::Node getUrl() {
|
||||
result = getArgument(0) or
|
||||
// depends on the method name and the call arity, over-approximating slightly in the name of simplicity
|
||||
result = getOptionArgument([0..2], urlPropertyName())
|
||||
result = getOptionArgument(urlPropertyName())
|
||||
}
|
||||
|
||||
override DataFlow::Node getHost() {
|
||||
result = getOptionArgument("host")
|
||||
}
|
||||
|
||||
override DataFlow::Node getADataNode() {
|
||||
@@ -176,6 +200,8 @@ private class FetchUrlRequest extends CustomClientRequest {
|
||||
result = url
|
||||
}
|
||||
|
||||
override DataFlow::Node getHost() { none() }
|
||||
|
||||
override DataFlow::Node getADataNode() {
|
||||
exists (string name |
|
||||
name = "headers" or name = "body" |
|
||||
@@ -206,6 +232,14 @@ private class GotUrlRequest extends CustomClientRequest {
|
||||
not exists (getOptionArgument(1, "baseUrl"))
|
||||
}
|
||||
|
||||
override DataFlow::Node getHost() {
|
||||
exists (string name |
|
||||
name = "host" or
|
||||
name = "hostname" |
|
||||
result = getOptionArgument(1, name)
|
||||
)
|
||||
}
|
||||
|
||||
override DataFlow::Node getADataNode() {
|
||||
exists (string name |
|
||||
name = "headers" or name = "body" or name = "query" |
|
||||
@@ -235,6 +269,8 @@ private class SuperAgentUrlRequest extends CustomClientRequest {
|
||||
result = url
|
||||
}
|
||||
|
||||
override DataFlow::Node getHost() { none() }
|
||||
|
||||
override DataFlow::Node getADataNode() {
|
||||
exists (string name |
|
||||
name = "set" or name = "send" or name = "query" |
|
||||
@@ -252,5 +288,6 @@ private class XMLHttpRequest extends CustomClientRequest {
|
||||
|
||||
override DataFlow::Node getUrl() { result = getAMethodCall("open").getArgument(1) }
|
||||
|
||||
override DataFlow::Node getHost() { none() }
|
||||
override DataFlow::Node getADataNode() { result = getAMethodCall("send").getArgument(0) }
|
||||
}
|
||||
|
||||
@@ -64,6 +64,14 @@ module Electron {
|
||||
result = getOptionArgument(0, "url")
|
||||
}
|
||||
|
||||
override DataFlow::Node getHost() {
|
||||
exists (string name |
|
||||
name = "host" or
|
||||
name = "hostname" |
|
||||
result = getOptionArgument(0, name)
|
||||
)
|
||||
}
|
||||
|
||||
override DataFlow::Node getADataNode() {
|
||||
exists (string name |
|
||||
name = "write" or name = "end" |
|
||||
|
||||
@@ -737,6 +737,14 @@ module NodeJSLib {
|
||||
result = url
|
||||
}
|
||||
|
||||
override DataFlow::Node getHost() {
|
||||
exists (string name |
|
||||
name = "host" or
|
||||
name = "hostname" |
|
||||
result = getOptionArgument(1, name)
|
||||
)
|
||||
}
|
||||
|
||||
override DataFlow::Node getADataNode() {
|
||||
exists (string name |
|
||||
name = "write" or name = "end" |
|
||||
|
||||
@@ -359,5 +359,7 @@ private class JQueryClientRequest extends CustomClientRequest {
|
||||
result = getOptionArgument([0 .. 1], "url")
|
||||
}
|
||||
|
||||
override DataFlow::Node getHost() { none() }
|
||||
|
||||
override DataFlow::Node getADataNode() { result = getOptionArgument([0 .. 1], "data") }
|
||||
}
|
||||
|
||||
@@ -32,3 +32,7 @@
|
||||
| tst.js:77:5:77:32 | $.getJS ... data}) |
|
||||
| tst.js:78:5:78:38 | $.getJS ... data}) |
|
||||
| tst.js:80:15:80:34 | new XMLHttpRequest() |
|
||||
| tst.js:87:5:87:39 | http.ge ... host}) |
|
||||
| tst.js:89:5:89:23 | axios({host: host}) |
|
||||
| tst.js:91:5:91:34 | got(rel ... host}) |
|
||||
| tst.js:93:5:93:35 | net.req ... host }) |
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
| tst.js:87:5:87:39 | http.ge ... host}) | tst.js:87:34:87:37 | host |
|
||||
| tst.js:89:5:89:23 | axios({host: host}) | tst.js:89:18:89:21 | host |
|
||||
| tst.js:91:5:91:34 | got(rel ... host}) | tst.js:91:29:91:32 | host |
|
||||
| tst.js:93:5:93:35 | net.req ... host }) | tst.js:93:29:93:32 | host |
|
||||
@@ -0,0 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ClientRequest r
|
||||
select r, r.getHost()
|
||||
@@ -38,3 +38,7 @@
|
||||
| tst.js:78:5:78:38 | $.getJS ... data}) | tst.js:78:15:78:37 | {url: u ... : data} |
|
||||
| tst.js:78:5:78:38 | $.getJS ... data}) | tst.js:78:21:78:23 | url |
|
||||
| tst.js:80:15:80:34 | new XMLHttpRequest() | tst.js:81:17:81:19 | url |
|
||||
| tst.js:87:5:87:39 | http.ge ... host}) | tst.js:87:14:87:24 | relativeUrl |
|
||||
| tst.js:89:5:89:23 | axios({host: host}) | tst.js:89:11:89:22 | {host: host} |
|
||||
| tst.js:91:5:91:34 | got(rel ... host}) | tst.js:91:9:91:19 | relativeUrl |
|
||||
| tst.js:93:5:93:35 | net.req ... host }) | tst.js:93:17:93:34 | { hostname: host } |
|
||||
|
||||
@@ -81,3 +81,15 @@ import {ClientRequest, net} from 'electron';
|
||||
xhr.open(_, url);
|
||||
xhr.send(data);
|
||||
});
|
||||
|
||||
(function() {
|
||||
|
||||
http.get(relativeUrl, {host: host});
|
||||
|
||||
axios({host: host});
|
||||
|
||||
got(relativeUrl, {host: host});
|
||||
|
||||
net.request({ hostname: host });
|
||||
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user