hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 18:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

MIME type -> content type

Browse Source 
This matches the terminology used elsewhere
This commit is contained in:
Chris Smowton
2021-03-19 17:44:45 +00:00
committed by Owen Mansel-Chan
parent 5f7165efbb
commit 9335e095a9
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
java/ql/src/semmle/code/java/frameworks/JaxWS.qll
View File

@@ -255,19 +255,19 @@ class MessageBodyReaderRead extends Method {
}
}
/** An `@Produces` annotation that describes which MIME types can be produced by this resource. */
/** An `@Produces` annotation that describes which content types can be produced by this resource. */
class JaxRSProducesAnnotation extends JaxRSAnnotation {
JaxRSProducesAnnotation() { getType().hasQualifiedName("javax.ws.rs", "Produces") }
/**
* Gets a declared MIME type that can be produced by this resource.
* Gets a declared content type that can be produced by this resource.
*/
string getADeclaredMimeType() {
string getADeclaredContentType() {
result = getAValue().(CompileTimeConstantExpr).getStringValue()
or
exists(Field jaxMediaType |
// Accesses to static fields on `MediaType` class do not have constant strings in the database
// so convert the field name to a mime type string
// so convert the field name to a content type string
jaxMediaType.getDeclaringType().hasQualifiedName("javax.ws.rs.core", "MediaType") and
jaxMediaType.getAnAccess() = getAValue() and
// e.g. MediaType.TEXT_PLAIN => text/plain
@@ -276,7 +276,7 @@ class JaxRSProducesAnnotation extends JaxRSAnnotation {
}
}
/** An `@Consumes` annotation that describes MIME types can be consumed by this resource. */
/** An `@Consumes` annotation that describes content types can be consumed by this resource. */
class JaxRSConsumesAnnotation extends JaxRSAnnotation {
JaxRSConsumesAnnotation() { getType().hasQualifiedName("javax.ws.rs", "Consumes") }
}

2
java/ql/src/semmle/code/java/security/XSS.qll
View File

@@ -102,7 +102,7 @@ private class DefaultXssSink extends XssSink {
|
not exists(resourceMethod.getProducesAnnotation())
or
resourceMethod.getProducesAnnotation().getADeclaredMimeType() = "text/plain"
resourceMethod.getProducesAnnotation().getADeclaredContentType() = "text/plain"
)
}
}