Apply suggestions from code review

Co-authored-by: Erik Krogh Kristensen <erik-krogh@github.com>
2026-04-30 11:15:13 +02:00 · 2022-10-24 16:17:11 +02:00
parent c7ac237968
commit 742e4aa471
2 changed files with 11 additions and 14 deletions
--- a/javascript/ql/lib/semmle/javascript/frameworks/Restify.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/Restify.qll
@@ -384,7 +384,7 @@ module Restify {
  }

  /**
-   * The URL of a REstify client, viewed as a sink for request forgery.
+   * The URL of a Restify client, viewed as a sink for request forgery.
   */
  class RequestForgerySink extends RFC::RequestForgery::Sink {
    RequestForgerySink() {
@@ -435,8 +435,7 @@ module Restify {
   * A header produced by a route handler with no explicit declaration of a Content-Type.
   */
  private class ContentTypeRouteHandlerHeader extends Http::ImplicitHeaderDefinition,
-    DataFlow::FunctionNode {
-    ContentTypeRouteHandlerHeader() { this instanceof RouteHandler }
+    DataFlow::FunctionNode instanceof RouteHandler {

    override predicate defines(string headerName, string headerValue) {
      headerName = "content-type" and headerValue = "application/json"
@@ -454,8 +453,7 @@ module Restify {
    override DataFlow::SourceNode getAReference() { result = def.ref() }
  }

-  private class RoutingTreeSetup extends Routing::RouteSetup::MethodCall {
-    RoutingTreeSetup() { this instanceof RouteSetup }
+  private class RoutingTreeSetup extends Routing::RouteSetup::MethodCall instanceof RouteSetup {

    override string getRelativePath() {
      not this.getMethodName() = ["use", "pre", "param", "on"] and // do not treat parameter name as a path
--- a/javascript/ql/lib/semmle/javascript/frameworks/Spife.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/Spife.qll
@@ -186,8 +186,7 @@ module Spife {
    string kind;

    ContextInputAccess() {
-      request.ref().flowsTo(super.getReceiver()) and
-      super.getMethodName() = "get" and
+      this = request.ref().getAMethodCall("get")
      kind = "path"
    }

@@ -261,7 +260,7 @@ module Spife {

    override predicate definesHeaderValue(string headerName, DataFlow::Node headerValue) {
      // reply.header(RESPONSE, 'Cache-Control', 'no-cache')
-      headerName = this.getNameNode().getStringValue() and
+      this.getNameNode().mayHaveStringValue(headerName) and
      headerValue = this.getArgument(2)
    }

@@ -279,10 +278,10 @@ module Spife {
    MultipleHeaderDefinitions() {
      // reply.header(RESPONSE, {'Cache-Control': 'no-cache'})
      // reply(RESPONSE, {'Cache-Control': 'no-cache'})
-      reply.ref().(DataFlow::CallNode).getCalleeName() = ["header", "reply"] and
-      reply.ref().(DataFlow::CallNode).getAnArgument().getALocalSource() instanceof
-        DataFlow::ObjectLiteralNode and
-      this = reply
+      exists(DataFlow::CallNode call | call = [reply.ref(), reply.ref().getAMethodCall("header")] | 
+        call.getAnArgument().getALocalSource() instanceof DataFlow::ObjectLiteralNode and
+        this = call
+      )
    }

    /**
@@ -321,10 +320,10 @@ module Spife {
  /**
   * An HTTP cookie defined in a Spife HTTP response.
   */
-  private class CookieDefinition extends Http::CookieDefinition, DataFlow::MethodCallNode instanceof ReplySource {
+  private class CookieDefinition extends Http::CookieDefinition, DataFlow::MethodCallNode {
    CookieDefinition() {
      // reply.cookie(RESPONSE, 'TEST', 'FOO', {"maxAge": 1000, "httpOnly": true, "secure": true})
-      this.ref().(DataFlow::MethodCallNode).getMethodName() = "cookie"
+      this = any(ReplySource r).ref().getAMethodCall("cookie")
    }

    override DataFlow::Node getNameArgument() { result = this.getArgument(1) }