JS: autoformat

2026-04-28 10:15:14 +02:00 · 2019-02-25 12:44:55 +01:00
parent 97edfc5524
commit b0358d7d11
3 changed files with 16 additions and 15 deletions
--- a/javascript/ql/src/semmle/javascript/dataflow/DataFlow.qll
+++ b/javascript/ql/src/semmle/javascript/dataflow/DataFlow.qll
@@ -116,7 +116,9 @@ module DataFlow {
    int getIntValue() { result = asExpr().getIntValue() }

    /** Gets a function value that may reach this node. */
-    FunctionNode getAFunctionValue() { result.getAstNode() = analyze().getAValue().(AbstractCallable).getFunction() }
+    FunctionNode getAFunctionValue() {
+      result.getAstNode() = analyze().getAValue().(AbstractCallable).getFunction()
+    }

    /**
     * Holds if this expression may refer to the initial value of parameter `p`.
@@ -1155,7 +1157,7 @@ module DataFlow {
    nd.asExpr() instanceof ExternalModuleReference and
    cause = "import"
    or
-    exists (Expr e | e = nd.asExpr() and cause = "heap" |
+    exists(Expr e | e = nd.asExpr() and cause = "heap" |
      e instanceof PropAccess or
      e instanceof E4X::XMLAnyName or
      e instanceof E4X::XMLAttributeSelector or
--- a/javascript/ql/src/semmle/javascript/frameworks/Vue.qll
+++ b/javascript/ql/src/semmle/javascript/frameworks/Vue.qll
@@ -392,7 +392,6 @@ module Vue {
   * A taint propagating data flow edge through a Vue instance property.
   */
  class InstanceHeapStep extends TaintTracking::AdditionalTaintStep {
-
    DataFlow::Node src;

    InstanceHeapStep() {
@@ -404,19 +403,16 @@ module Vue {
      )
    }

-    override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
-      pred = src and succ = this
-    }
-
+    override predicate step(DataFlow::Node pred, DataFlow::Node succ) { pred = src and succ = this }
  }

  /*
   * Provides classes for working with Vue templates.
   */
+
  module Template {
    // Currently only supports HTML elements, but it may be possible to parse simple string templates later
-    private newtype TElement =
-      MkHtmlElement(HTML::Element e) { e.getFile() instanceof VueFile }
+    private newtype TElement = MkHtmlElement(HTML::Element e) { e.getFile() instanceof VueFile }

    /**
     * An element of a template.
@@ -472,5 +468,4 @@ module Vue {
      HTML::Element getElement() { result = elem }
    }
  }
-
 }
--- a/javascript/ql/src/semmle/javascript/security/dataflow/Xss.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/Xss.qll
@@ -203,14 +203,15 @@ module DomBasedXss {
   */
  class VHtmlSink extends DomBasedXss::Sink {
    HTML::Attribute attr;
-    VHtmlSink() { this.(DataFlow::HtmlAttributeNode).getAttribute() = attr and attr.getName() = "v-html" }
+
+    VHtmlSink() {
+      this.(DataFlow::HtmlAttributeNode).getAttribute() = attr and attr.getName() = "v-html"
+    }

    /**
     * Gets the HTML attribute of this sink.
     */
-    HTML::Attribute getAttr() {
-      result = attr
-    }
+    HTML::Attribute getAttr() { result = attr }
  }

  /**
@@ -226,7 +227,10 @@ module DomBasedXss {

    VHtmlSourceWrite() {
      exists(Vue::Instance instance, string expr |
-        attr.getAttr().getRoot() = instance.getTemplateElement().(Vue::Template::HtmlElement).getElement() and
+        attr.getAttr().getRoot() = instance
+              .getTemplateElement()
+              .(Vue::Template::HtmlElement)
+              .getElement() and
        expr = attr.getAttr().getValue() and
        // only support for simple identifier expressions
        expr.regexpMatch("(?i)[a-z0-9_]+") and