hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Formatting

Browse Source
This commit is contained in:
aegilops
2024-06-07 15:36:39 +01:00
parent 465d64a810
commit 7136763c37
1 changed files with 12 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
javascript/ql/src/Security/CWE-693/InsecureHelmet.ql
View File

@@ -26,8 +26,9 @@ class HelmetProperty extends Property {
predicate isImportantSecuritySetting() {
this.getName() in ["frameguard", "contentSecurityPolicy"]
or
// read from data extensions to allow enforcing other settings
or requiredHelmetSecuritySetting(this.getName())
requiredHelmetSecuritySetting(this.getName())
}
}
@@ -35,17 +36,17 @@ class HelmetProperty extends Property {
* Extend the required Helmet security settings using data extensions.
* Docs: https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-javascript/
* For example:
extensions:
- addsTo:
pack: codeql/javascript-all
extensible: requiredHelmetSecuritySetting
data:
- name: "frameguard"
* Note: `frameguard` is an example: the query already enforces this setting, so it is not necessary to add it to the data extension.
*
* extensions:
* - addsTo:
* pack: codeql/javascript-all
* extensible: requiredHelmetSecuritySetting
* data:
* - name: "frameguard"
*
* Note: `frameguard` is an example: the query already enforces this setting, so it is not necessary to add it to the data extension.
*/
extensible predicate requiredHelmetSecuritySetting(string name);
from HelmetProperty helmetSetting, ExpressLibraries::HelmetRouteHandler helmet