Python: simplify barrier guard

python/ql/lib/semmle/python/security/dataflow/ServerSideRequestForgeryCustomizations.qll

@@ -177,7 +177,6 @@ module ServerSideRequestForgery {
     )
   }
 
-  /** A validation of a URI using the `AntiSSRF` library, considered as a full-ssrf sanitizer. */
   private class UriValidator extends FullUrlControlSanitizer {
     UriValidator() { this = DataFlow::BarrierGuard<uri_validator/3>::getABarrierNode() }
   }
@@ -185,27 +184,14 @@ module ServerSideRequestForgery {
   import semmle.python.dataflow.new.internal.DataFlowPublic
 
   private predicate uri_validator(DataFlow::GuardNode g, ControlFlowNode node, boolean branch) {
-    exists(DataFlow::CallCfgNode call, string funcs |
-      funcs in ["in_domain", "in_azure_keyvault_domain", "in_azure_storage_domain"] and
-      call = API::moduleImport("AntiSSRF").getMember("URIValidator").getMember(funcs).getACall() and
+    exists(DataFlow::CallCfgNode call, string validator_name |
+      validator_name in ["in_domain", "in_azure_keyvault_domain", "in_azure_storage_domain"] and
+      call =
+        API::moduleImport("AntiSSRF").getMember("URIValidator").getMember(validator_name).getACall() and
       call.getArg(0).asCfgNode() = node
     |
-      // validator call directly (e.g., if URIValidator.in_domain(...) )
       g = call.asCfgNode() and
       branch = true
-      or
-      // validator used in a comparison
-      exists(Cmpop op, Node n, ControlFlowNode l |
-        n.getALocalSource() = call and g.(CompareNode).operands(n.asCfgNode(), op, l)
-      |
-        // validator == true or validator == false or validator is True or validator is False
-        (op instanceof Eq or op instanceof Is) and
-        branch = l.getNode().(BooleanLiteral).booleanValue()
-        or
-        // validator != false or validator != true or validator is not True or validator is not False
-        (op instanceof NotEq or op instanceof IsNot) and
-        branch = l.getNode().(BooleanLiteral).booleanValue().booleanNot()
-      )
     )
   }
 }