Merge pull request #10312 from erik-krogh/fix-caseDiff

ensure consistent casing of names
2026-04-30 11:15:13 +02:00 · 2022-09-19 10:43:12 +02:00
parent b48808778f 03a325ca31
commit a4cd913aea
234 changed files with 727 additions and 654 deletions
--- a/javascript/ql/src/Security/CWE-352/MissingCsrfMiddleware.ql
+++ b/javascript/ql/src/Security/CWE-352/MissingCsrfMiddleware.ql
@@ -35,7 +35,7 @@ predicate isRouteHandlerUsingCookies(Routing::RouteHandler handler) {
 * A router handler following after cookie parsing is assumed to depend on
 * cookies, and thus require CSRF protection.
 */
-predicate hasCookieMiddleware(Routing::Node route, HTTP::CookieMiddlewareInstance cookie) {
+predicate hasCookieMiddleware(Routing::Node route, Http::CookieMiddlewareInstance cookie) {
  route.isGuardedBy(cookie)
 }

@@ -112,7 +112,7 @@ private DataFlow::SourceNode nodeLeadingToCsrfWriteOrCheck(DataFlow::TypeBackTra
 * Gets a route handler that sets an CSRF related cookie.
 */
 private Routing::RouteHandler getAHandlerSettingCsrfCookie() {
-  exists(HTTP::CookieDefinition setCookie |
+  exists(Http::CookieDefinition setCookie |
    setCookie.getNameArgument().getStringValue().regexpMatch("(?i).*(csrf|xsrf).*") and
    result = Routing::getRouteHandler(setCookie.getRouteHandler())
  )
@@ -180,7 +180,7 @@ predicate hasCsrfMiddleware(Routing::RouteHandler handler) {

 from
  Routing::RouteSetup setup, Routing::Node setupArg, Routing::RouteHandler handler,
-  HTTP::CookieMiddlewareInstance cookie
+  Http::CookieMiddlewareInstance cookie
 where
  // Require that the handler uses cookies and has cookie middleware.
  //
--- a/javascript/ql/src/Security/CWE-451/MissingXFrameOptions.ql
+++ b/javascript/ql/src/Security/CWE-451/MissingXFrameOptions.ql
@@ -15,6 +15,6 @@
 import javascript
 import semmle.javascript.frameworks.HTTP

-from HTTP::ServerDefinition server
+from Http::ServerDefinition server
 where not exists(server.getARouteHandler().getAResponseHeader("x-frame-options"))
 select server, "This server never sets the 'X-Frame-Options' HTTP header."
--- a/javascript/ql/src/Security/CWE-598/SensitiveGetQuery.ql
+++ b/javascript/ql/src/Security/CWE-598/SensitiveGetQuery.ql
@@ -14,7 +14,7 @@
 import javascript

 from
-  Routing::RouteSetup setup, Routing::RouteHandler handler, HTTP::RequestInputAccess input,
+  Routing::RouteSetup setup, Routing::RouteHandler handler, Http::RequestInputAccess input,
  SensitiveNode sensitive
 where
  setup.getOwnHttpMethod() = "GET" and
--- a/javascript/ql/src/Security/CWE-730/ServerCrash.ql
+++ b/javascript/ql/src/Security/CWE-730/ServerCrash.ql
@@ -88,7 +88,7 @@ Function reachableFromAsyncCallback() {
 * The main predicate of this query: used for both result display and path computation.
 */
 predicate main(
-  HTTP::RouteHandler rh, AsyncSentinelCall async, AsyncCallback cb, LikelyExceptionThrower thrower
+  Http::RouteHandler rh, AsyncSentinelCall async, AsyncCallback cb, LikelyExceptionThrower thrower
 ) {
  async.getAsyncCallee() = cb and
  rh.getAstNode() = invokesCallbackThatThrowsUncaughtException(async, thrower)
@@ -180,7 +180,7 @@ query predicate nodes(AstNode node) {
 }

 from
-  HTTP::RouteHandler rh, AsyncSentinelCall async, DataFlow::Node callbackArg, AsyncCallback cb,
+  Http::RouteHandler rh, AsyncSentinelCall async, DataFlow::Node callbackArg, AsyncCallback cb,
  ExprOrStmt crasher
 where
  main(rh, async, cb, crasher) and
--- a/javascript/ql/src/experimental/poi/PoI.qll
+++ b/javascript/ql/src/experimental/poi/PoI.qll
@@ -77,7 +77,7 @@ private module StandardPoIs {
    UnpromotedRouteSetupPoI() { this = "UnpromotedRouteSetupPoI" }

    override predicate is(Node l0) {
-      l0 instanceof HTTP::RouteSetupCandidate and not l0 instanceof HTTP::RouteSetup
+      l0 instanceof Http::RouteSetupCandidate and not l0 instanceof Http::RouteSetup
    }
  }

@@ -88,7 +88,7 @@ private module StandardPoIs {
    UnpromotedRouteHandlerPoI() { this = "UnpromotedRouteHandlerPoI" }

    override predicate is(Node l0) {
-      l0 instanceof HTTP::RouteHandlerCandidate and not l0 instanceof HTTP::RouteHandler
+      l0 instanceof Http::RouteHandlerCandidate and not l0 instanceof Http::RouteHandler
    }
  }

@@ -98,7 +98,7 @@ private module StandardPoIs {
  class UnpromotedRouteHandlerWithFlowPoI extends PoI {
    UnpromotedRouteHandlerWithFlowPoI() { this = "UnpromotedRouteHandlerWithFlowPoI" }

-    private DataFlow::SourceNode track(HTTP::RouteHandlerCandidate cand, DataFlow::TypeTracker t) {
+    private DataFlow::SourceNode track(Http::RouteHandlerCandidate cand, DataFlow::TypeTracker t) {
      t.start() and
      result = cand
      or
@@ -106,8 +106,8 @@ private module StandardPoIs {
    }

    override predicate is(Node l0, Node l1, string t1) {
-      l0 instanceof HTTP::RouteHandlerCandidate and
-      not l0 instanceof HTTP::RouteHandler and
+      l0 instanceof Http::RouteHandlerCandidate and
+      not l0 instanceof Http::RouteHandler and
      l1 = track(l0, TypeTracker::end()) and
      (if l1 = l0 then t1 = "ends here" else t1 = "starts/ends here")
    }
--- a/javascript/ql/src/meta/analysis-quality/CandidateTracking.qll
+++ b/javascript/ql/src/meta/analysis-quality/CandidateTracking.qll
@@ -8,7 +8,7 @@ import javascript
 * Gets a source node to which `cand` may flow inter-procedurally, with `t` tracking
 * the state of flow.
 */
-DataFlow::SourceNode track(HTTP::RouteHandlerCandidate cand, DataFlow::TypeTracker t) {
+DataFlow::SourceNode track(Http::RouteHandlerCandidate cand, DataFlow::TypeTracker t) {
  t.start() and
  result = cand
  or
--- a/javascript/ql/src/meta/analysis-quality/RouteHandlers.ql
+++ b/javascript/ql/src/meta/analysis-quality/RouteHandlers.ql
@@ -11,6 +11,6 @@
 import javascript
 import CallGraphQuality

-HTTP::RouteHandler relevantRouteHandler() { not result.getFile() instanceof IgnoredFile }
+Http::RouteHandler relevantRouteHandler() { not result.getFile() instanceof IgnoredFile }

 select projectRoot(), count(relevantRouteHandler())
--- a/javascript/ql/src/meta/analysis-quality/UnpromotedRouteHandlerCandidate.ql
+++ b/javascript/ql/src/meta/analysis-quality/UnpromotedRouteHandlerCandidate.ql
@@ -11,10 +11,10 @@
 import javascript
 import CandidateTracking

-from HTTP::RouteHandlerCandidate rh
+from Http::RouteHandlerCandidate rh
 where
-  not rh instanceof HTTP::RouteHandler and
-  not exists(HTTP::RouteSetupCandidate setup |
+  not rh instanceof Http::RouteHandler and
+  not exists(Http::RouteSetupCandidate setup |
    track(rh, DataFlow::TypeTracker::end()).flowsTo(setup.getARouteHandlerArg())
  )
 select rh,
--- a/javascript/ql/src/meta/analysis-quality/UnpromotedRouteSetupCandidate.ql
+++ b/javascript/ql/src/meta/analysis-quality/UnpromotedRouteSetupCandidate.ql
@@ -11,10 +11,10 @@
 import javascript
 import CandidateTracking

-from HTTP::RouteSetupCandidate setup
+from Http::RouteSetupCandidate setup
 where
-  not setup instanceof HTTP::RouteSetup and
-  exists(HTTP::RouteHandlerCandidate rh |
+  not setup instanceof Http::RouteSetup and
+  exists(Http::RouteHandlerCandidate rh |
    track(rh, DataFlow::TypeTracker::end()).flowsTo(setup.getARouteHandlerArg())
  )
 select setup,