Update javascript/ql/src/experimental/Security/CWE-020/PostMessageNoOriginCheck.ql

Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
Alessio Della Libera
2020-06-16 18:26:42 +02:00
committed by GitHub
parent 72dc6510b2
commit 8843522d14


@@ -49,10 +49,8 @@ class PostMessageEvent extends DataFlow::SourceNode {
* Holds if an access on `MessageEvent.origin` is in an `EqualityTest` and there is no call of an insufficient verification method on `MessageEvent.origin` * Holds if an access on `MessageEvent.origin` is in an `EqualityTest` and there is no call of an insufficient verification method on `MessageEvent.origin`
*/ */
predicate hasOriginChecked() { predicate hasOriginChecked() {
exists(string prop | prop = "origin" or prop = "source" | exists(EqualityTest test |
astNode.getAnOperand().(PropAccess).accesses(event, prop) and this.getAPropertyRead(["origin", "source"]).flowsToExpr(test.getAnOperand())
event.mayReferToParameter*(this.asExpr()) and
not this.hasOriginInsufficientlyChecked()
) )
} }
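Review bot: The doc comment on `hasOriginChecked()` still promises that "there is no call of an insufficient verification method", but the new body appears to drop the `not this.hasOriginInsufficientlyChecked()` conjunct. This is inferred from the `-49,10 +49,8` counts, since the rendered page has lost its +/- markers. If the removal is intended, the comment should match the body, for example `* Holds if a read of the event's "origin" or "source" property flows to an operand of an EqualityTest.`, and any caller that relied on the exclusion has to apply `hasOriginInsufficientlyChecked()` itself. The comment should also say that any equality comparison counts as a check, whatever the other operand is and whether or not the result guards the handler, so readers can judge the query's false negatives. The enclosing class `PostMessageEvent` starts and ends outside the hunk.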