JS: recognize Express header access with dynamic name

2026-04-30 11:15:13 +02:00 · 2018-09-26 08:22:21 +01:00
parent e78a4e9f10
commit a47b1dc774
3 changed files with 6 additions and 4 deletions
--- a/javascript/ql/src/semmle/javascript/frameworks/Express.qll
+++ b/javascript/ql/src/semmle/javascript/frameworks/Express.qll
@@ -483,7 +483,7 @@ module Express {
          // `req.headers.name`
          kind = "header" and
          headers.accesses(request, "headers") and
-          this = headers.getAPropertyRead(_))
+          this = headers.getAPropertyRead())
        or
        exists (string propName | propName = "host" or propName = "hostname" |
          // `req.host` and `req.hostname` are derived from headers