hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 04:39:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #307 from github/hmac-outgoing-http-2

Browse Source 
Model some more HTTP clients
This commit is contained in:
Harry Maclean
2021-09-24 12:30:48 +01:00
committed by GitHub
parent 141f5f7605 88885a222e
commit 74982cb3aa
13 changed files with 242 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ql/test/library-tests/frameworks/http_clients/Excon.expected Normal file
View File

@@ -0,0 +1,10 @@
| Excon.rb:3:9:3:40 | call to get | Excon.rb:4:1:4:10 | call to body |
| Excon.rb:6:9:6:60 | call to post | Excon.rb:7:1:7:10 | call to body |
| Excon.rb:9:9:9:59 | call to put | Excon.rb:10:1:10:10 | call to body |
| Excon.rb:12:9:12:61 | call to patch | Excon.rb:13:1:13:10 | call to body |
| Excon.rb:15:9:15:43 | call to delete | Excon.rb:16:1:16:10 | call to body |
| Excon.rb:18:9:18:41 | call to head | Excon.rb:19:1:19:10 | call to body |
| Excon.rb:21:9:21:44 | call to options | Excon.rb:22:1:22:10 | call to body |
| Excon.rb:24:9:24:42 | call to trace | Excon.rb:25:1:25:10 | call to body |
| Excon.rb:28:9:28:33 | call to get | Excon.rb:29:1:29:10 | call to body |
| Excon.rb:31:10:31:38 | call to post | Excon.rb:32:1:32:11 | call to body |

4
ql/test/library-tests/frameworks/http_clients/Excon.ql Normal file
View File

@@ -0,0 +1,4 @@
import codeql.ruby.frameworks.http_clients.Excon
import codeql.ruby.DataFlow
query DataFlow::Node exconHTTPRequests(ExconHTTPRequest e) { result = e.getResponseBody() }

32
ql/test/library-tests/frameworks/http_clients/Excon.rb Normal file
View File

@@ -0,0 +1,32 @@
require "excon"
resp1 = Excon.get("http://example.com/")
resp1.body
resp2 = Excon.post("http://example.com/", body: "some_data")
resp2.body
resp3 = Excon.put("http://example.com/", body: "some_data")
resp3.body
resp4 = Excon.patch("http://example.com/", body: "some_data")
resp4.body
resp5 = Excon.delete("http://example.com/")
resp5.body
resp6 = Excon.head("http://example.com/")
resp6.body
resp7 = Excon.options("http://example.com/")
resp7.body
resp8 = Excon.trace("http://example.com/")
resp8.body
connection = Excon.new("http://example.com")
resp9 = connection.get(path: "/")
resp9.body
resp10 = connection.post(path: "/foo")
resp10.body

9
ql/test/library-tests/frameworks/http_clients/Faraday.expected Normal file
View File

@@ -0,0 +1,9 @@
| Faraday.rb:3:9:3:42 | call to get | Faraday.rb:4:1:4:10 | call to body |
| Faraday.rb:6:9:6:62 | call to post | Faraday.rb:7:1:7:10 | call to body |
| Faraday.rb:9:9:9:61 | call to put | Faraday.rb:10:1:10:10 | call to body |
| Faraday.rb:12:9:12:63 | call to patch | Faraday.rb:13:1:13:10 | call to body |
| Faraday.rb:15:9:15:45 | call to delete | Faraday.rb:16:1:16:10 | call to body |
| Faraday.rb:18:9:18:43 | call to head | Faraday.rb:19:1:19:10 | call to body |
| Faraday.rb:24:9:24:44 | call to trace | Faraday.rb:25:1:25:10 | call to body |
| Faraday.rb:28:9:28:27 | call to get | Faraday.rb:29:1:29:10 | call to body |
| Faraday.rb:31:10:31:46 | call to post | Faraday.rb:32:1:32:11 | call to body |

4
ql/test/library-tests/frameworks/http_clients/Faraday.ql Normal file
View File

@@ -0,0 +1,4 @@
import codeql.ruby.frameworks.http_clients.Faraday
import codeql.ruby.DataFlow
query DataFlow::Node faradayHTTPRequests(FaradayHTTPRequest e) { result = e.getResponseBody() }

32
ql/test/library-tests/frameworks/http_clients/Faraday.rb Normal file
View File

@@ -0,0 +1,32 @@
require "faraday"
resp1 = Faraday.get("http://example.com/")
resp1.body
resp2 = Faraday.post("http://example.com/", body: "some_data")
resp2.body
resp3 = Faraday.put("http://example.com/", body: "some_data")
resp3.body
resp4 = Faraday.patch("http://example.com/", body: "some_data")
resp4.body
resp5 = Faraday.delete("http://example.com/")
resp5.body
resp6 = Faraday.head("http://example.com/")
resp6.body
resp7 = Faraday.options("http://example.com/")
resp7.body
resp8 = Faraday.trace("http://example.com/")
resp8.body
connection = Faraday.new("http://example.com")
resp9 = connection.get("/")
resp9.body
resp10 = connection.post("/foo", some: "data")
resp10.body

7
ql/test/library-tests/frameworks/http_clients/RestClient.expected Normal file
View File

@@ -0,0 +1,7 @@
| RestClient.rb:3:9:3:45 | call to get | RestClient.rb:4:1:4:10 | call to body |
| RestClient.rb:6:9:6:59 | call to post | RestClient.rb:7:1:7:10 | call to body |
| RestClient.rb:9:9:9:58 | call to put | RestClient.rb:10:1:10:10 | call to body |
| RestClient.rb:12:9:12:60 | call to patch | RestClient.rb:13:1:13:10 | call to body |
| RestClient.rb:15:9:15:47 | call to delete | RestClient.rb:16:1:16:10 | call to body |
| RestClient.rb:18:9:18:45 | call to head | RestClient.rb:19:1:19:10 | call to body |
| RestClient.rb:21:9:21:48 | call to options | RestClient.rb:22:1:22:10 | call to body |

6
ql/test/library-tests/frameworks/http_clients/RestClient.ql Normal file
View File

@@ -0,0 +1,6 @@
import codeql.ruby.frameworks.http_clients.RestClient
import codeql.ruby.DataFlow
query DataFlow::Node restClientHTTPRequests(RestClientHTTPRequest e) {
result = e.getResponseBody()
}

22
ql/test/library-tests/frameworks/http_clients/RestClient.rb Normal file
View File

@@ -0,0 +1,22 @@
require "rest-client"
resp1 = RestClient.get("http://example.com/")
resp1.body
resp2 = RestClient.post("http://example.com", some: "data")
resp2.body
resp3 = RestClient.put("http://example.com", some: "data")
resp3.body
resp4 = RestClient.patch("http://example.com", some: "data")
resp4.body
resp5 = RestClient.delete("http://example.com")
resp5.body
resp6 = RestClient.head("http://example.com")
resp6.body
resp7 = RestClient.options("http://example.com")
resp7.body