Rename and update qldoc of default safe header splitting source

2026-03-01 13:23:49 +01:00 · 2020-07-09 16:14:21 +02:00
parent b147be6fea
commit b3bb4cbf54
1 changed files with 3 additions and 3 deletions
--- a/java/ql/src/semmle/code/java/security/ResponseSplitting.qll
+++ b/java/ql/src/semmle/code/java/security/ResponseSplitting.qll
@@ -40,9 +40,9 @@ private class ServletHeaderSplittingSink extends HeaderSplittingSink {
  }
 }

-/** Servlet sources considered safe regarding header splitting */
-private class ServletSafeHeaderSplittingSource extends SafeHeaderSplittingSource {
-  ServletSafeHeaderSplittingSource() {
+/** Sources of data considered safe to use by header splitting sinks. */
+private class DefaultSafeHeaderSplittingSource extends SafeHeaderSplittingSource {
+  DefaultSafeHeaderSplittingSource() {
    this.asExpr().(MethodAccess).getMethod() instanceof HttpServletRequestGetHeaderMethod or
    this.asExpr().(MethodAccess).getMethod() instanceof CookieGetNameMethod
  }