mirror of
https://github.com/github/codeql.git
synced 2025-12-17 01:03:14 +01:00
Ruby: update rb/sensitive-get-query tests
This commit is contained in:
Alex Ford
@@ -1,13 +1,24 @@
|
||||
edges
|
||||
| app/controllers/users_controller.rb:4:16:4:21 | call to params : | app/controllers/users_controller.rb:4:16:4:32 | ...[...] |
|
||||
| app/controllers/users_controller.rb:4:16:4:21 | call to params : | app/controllers/users_controller.rb:4:16:4:32 | ...[...] : |
|
||||
| app/controllers/users_controller.rb:4:16:4:32 | ...[...] : | app/controllers/users_controller.rb:5:42:5:49 | password |
|
||||
| app/controllers/users_controller.rb:4:11:4:16 | call to params : | app/controllers/users_controller.rb:4:11:4:27 | ...[...] |
|
||||
| app/controllers/users_controller.rb:9:16:9:21 | call to params : | app/controllers/users_controller.rb:9:16:9:27 | ...[...] : |
|
||||
| app/controllers/users_controller.rb:9:16:9:27 | ...[...] : | app/controllers/users_controller.rb:10:42:10:49 | password |
|
||||
| app/controllers/users_controller.rb:14:5:14:13 | [post] self [@password] : | app/controllers/users_controller.rb:15:42:15:50 | self [@password] : |
|
||||
| app/controllers/users_controller.rb:14:17:14:22 | call to params : | app/controllers/users_controller.rb:14:17:14:28 | ...[...] : |
|
||||
| app/controllers/users_controller.rb:14:17:14:28 | ...[...] : | app/controllers/users_controller.rb:14:5:14:13 | [post] self [@password] : |
|
||||
| app/controllers/users_controller.rb:15:42:15:50 | self [@password] : | app/controllers/users_controller.rb:15:42:15:50 | @password |
|
||||
nodes
|
||||
| app/controllers/users_controller.rb:4:16:4:21 | call to params : | semmle.label | call to params : |
|
||||
| app/controllers/users_controller.rb:4:16:4:32 | ...[...] | semmle.label | ...[...] |
|
||||
| app/controllers/users_controller.rb:4:16:4:32 | ...[...] : | semmle.label | ...[...] : |
|
||||
| app/controllers/users_controller.rb:5:42:5:49 | password | semmle.label | password |
|
||||
| app/controllers/users_controller.rb:4:11:4:16 | call to params : | semmle.label | call to params : |
|
||||
| app/controllers/users_controller.rb:4:11:4:27 | ...[...] | semmle.label | ...[...] |
|
||||
| app/controllers/users_controller.rb:9:16:9:21 | call to params : | semmle.label | call to params : |
|
||||
| app/controllers/users_controller.rb:9:16:9:27 | ...[...] : | semmle.label | ...[...] : |
|
||||
| app/controllers/users_controller.rb:10:42:10:49 | password | semmle.label | password |
|
||||
| app/controllers/users_controller.rb:14:5:14:13 | [post] self [@password] : | semmle.label | [post] self [@password] : |
|
||||
| app/controllers/users_controller.rb:14:17:14:22 | call to params : | semmle.label | call to params : |
|
||||
| app/controllers/users_controller.rb:14:17:14:28 | ...[...] : | semmle.label | ...[...] : |
|
||||
| app/controllers/users_controller.rb:15:42:15:50 | @password | semmle.label | @password |
|
||||
| app/controllers/users_controller.rb:15:42:15:50 | self [@password] : | semmle.label | self [@password] : |
|
||||
subpaths
|
||||
#select
|
||||
| app/controllers/users_controller.rb:4:16:4:21 | call to params | app/controllers/users_controller.rb:4:16:4:21 | call to params : | app/controllers/users_controller.rb:4:16:4:32 | ...[...] | $@ for GET requests uses query parameter as sensitive data. | app/controllers/users_controller.rb:3:3:6:5 | login_get | Route handler |
|
||||
| app/controllers/users_controller.rb:4:16:4:21 | call to params | app/controllers/users_controller.rb:4:16:4:21 | call to params : | app/controllers/users_controller.rb:5:42:5:49 | password | $@ for GET requests uses query parameter as sensitive data. | app/controllers/users_controller.rb:3:3:6:5 | login_get | Route handler |
|
||||
| app/controllers/users_controller.rb:4:11:4:16 | call to params | app/controllers/users_controller.rb:4:11:4:16 | call to params : | app/controllers/users_controller.rb:4:11:4:27 | ...[...] | $@ for GET requests uses query parameter as sensitive data. | app/controllers/users_controller.rb:3:3:6:5 | login_get_1 | Route handler |
|
||||
| app/controllers/users_controller.rb:9:16:9:21 | call to params | app/controllers/users_controller.rb:9:16:9:21 | call to params : | app/controllers/users_controller.rb:10:42:10:49 | password | $@ for GET requests uses query parameter as sensitive data. | app/controllers/users_controller.rb:8:3:11:5 | login_get_2 | Route handler |
|
||||
| app/controllers/users_controller.rb:14:17:14:22 | call to params | app/controllers/users_controller.rb:14:17:14:22 | call to params : | app/controllers/users_controller.rb:15:42:15:50 | @password | $@ for GET requests uses query parameter as sensitive data. | app/controllers/users_controller.rb:13:3:16:5 | login_get_3 | Route handler |
|
||||
|
||||
@@ -1,18 +1,28 @@
|
||||
class UsersController < ApplicationController
|
||||
|
||||
def login_get
|
||||
password = params[:password] # BAD: route handler uses GET query parameters to receive sensitive data
|
||||
def login_get_1
|
||||
foo = params[:password] # BAD: route handler uses GET query parameters to receive sensitive data
|
||||
authenticate_user(params[:username], foo)
|
||||
end
|
||||
|
||||
def login_get_2
|
||||
password = params[:foo] # BAD: route handler uses GET query parameters to receive sensitive data
|
||||
authenticate_user(params[:username], password)
|
||||
end
|
||||
|
||||
def login_get_3
|
||||
@password = params[:foo] # BAD: route handler uses GET query parameters to receive sensitive data
|
||||
authenticate_user(params[:username], @password)
|
||||
end
|
||||
|
||||
def login_post
|
||||
password = params[:password] # GOOD: handler uses POST form parameters to receive sensitive data
|
||||
authenticate_user(params[:username], password)
|
||||
foo = params[:password] # GOOD: handler uses POST form parameters to receive sensitive data
|
||||
authenticate_user(params[:username], foo)
|
||||
end
|
||||
|
||||
def login_get_cookies
|
||||
password = cookies[:password] # GOOD: data sourced from cookies rather than (plaintext) query params
|
||||
authenticate_user(params[:username], password)
|
||||
foo = cookies[:password] # GOOD: data sourced from cookies rather than (plaintext) query params
|
||||
authenticate_user(params[:username], foo)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
Rails.application.routes.draw do
|
||||
match "users/login1", to: "users#login_get", via: :get
|
||||
get "users/login2", to: "users#login_get"
|
||||
post "users/login3", to: "users#login_post"
|
||||
get "users/login3", to: "users#login_get_cookies"
|
||||
match "users/login1", to: "users#login_get_1", via: :get
|
||||
get "users/login2", to: "users#login_get_2"
|
||||
get "users/login3", to: "users#login_get_3"
|
||||
post "users/login4", to: "users#login_post"
|
||||
get "users/login5", to: "users#login_get_cookies"
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user