From 74f8f1dcdb2b6418efd1a6b24ad1da16ad5429f4 Mon Sep 17 00:00:00 2001
From: Slavomir <gagliardetto@users.noreply.github.com>
Date: Mon, 24 May 2021 15:19:35 +0200
Subject: [PATCH] Cleanup

---
 ql/src/experimental/CWE-942/CorsMisconfiguration.ql | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ql/src/experimental/CWE-942/CorsMisconfiguration.ql b/ql/src/experimental/CWE-942/CorsMisconfiguration.ql
index 8aa06faccce..eb9cc52d8fe 100644
--- a/ql/src/experimental/CWE-942/CorsMisconfiguration.ql
+++ b/ql/src/experimental/CWE-942/CorsMisconfiguration.ql
@@ -83,10 +83,10 @@ predicate allowOriginIsWildcardOrNull(HTTP::HeaderWrite allowOriginHW, string me
 
 from HTTP::HeaderWrite allowOriginHW, string message
 where
+  allowCredentialsIsSetToTrue(allowOriginHW) and
   (
     flowsFromUntrustedToAllowOrigin(allowOriginHW, message)
     or
     allowOriginIsWildcardOrNull(allowOriginHW, message)
-  ) and
-  allowCredentialsIsSetToTrue(allowOriginHW)
+  )
 select allowOriginHW, message