From 840cded9b022c300db528f3e3b7bf73789fdafad Mon Sep 17 00:00:00 2001
From: jorgectf <jorgectf@protonmail.com>
Date: Tue, 16 Nov 2021 19:18:00 +0100
Subject: [PATCH] Avoid using `Str_` in `CookieHeader`

---
 .../semmle/python/CookieHeader.qll            | 33 ++++++++++++++-----
 1 file changed, 24 insertions(+), 9 deletions(-)

diff --git a/python/ql/src/experimental/semmle/python/CookieHeader.qll b/python/ql/src/experimental/semmle/python/CookieHeader.qll
index 2fda527c69f..1d28548e5a4 100644
--- a/python/ql/src/experimental/semmle/python/CookieHeader.qll
+++ b/python/ql/src/experimental/semmle/python/CookieHeader.qll
@@ -29,24 +29,39 @@ import experimental.semmle.python.Concepts
 class CookieHeader extends Cookie::Range instanceof HeaderDeclaration {
   CookieHeader() {
     this instanceof HeaderDeclaration and
-    this.(HeaderDeclaration).getNameArg().asExpr().(Str_).getS() = "Set-Cookie"
+    exists(StrConst str |
+      str.getText() = "Set-Cookie" and
+      DataFlow::exprNode(str)
+          .(DataFlow::LocalSourceNode)
+          .flowsTo(this.(HeaderDeclaration).getNameArg())
+    )
   }
 
   override predicate isSecure() {
-    this.(HeaderDeclaration).getValueArg().asExpr().(Str_).getS().regexpMatch(".*; *Secure;.*")
+    exists(StrConst str |
+      str.getText().regexpMatch(".*; *Secure;.*") and
+      DataFlow::exprNode(str)
+          .(DataFlow::LocalSourceNode)
+          .flowsTo(this.(HeaderDeclaration).getValueArg())
+    )
   }
 
   override predicate isHttpOnly() {
-    this.(HeaderDeclaration).getValueArg().asExpr().(Str_).getS().regexpMatch(".*; *HttpOnly;.*")
+    exists(StrConst str |
+      str.getText().regexpMatch(".*; *HttpOnly;.*") and
+      DataFlow::exprNode(str)
+          .(DataFlow::LocalSourceNode)
+          .flowsTo(this.(HeaderDeclaration).getValueArg())
+    )
   }
 
   override predicate isSameSite() {
-    this.(HeaderDeclaration)
-        .getValueArg()
-        .asExpr()
-        .(Str_)
-        .getS()
-        .regexpMatch(".*; *SameSite=(Strict|Lax);.*")
+    exists(StrConst str |
+      str.getText().regexpMatch(".*; *SameSite=(Strict|Lax);.*") and
+      DataFlow::exprNode(str)
+          .(DataFlow::LocalSourceNode)
+          .flowsTo(this.(HeaderDeclaration).getValueArg())
+    )
   }
 
   override DataFlow::Node getNameArg() { result = this.(HeaderDeclaration).getValueArg() }