hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Convert remaining queries to use ActiveThreatModelSourceAsSource

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2024-11-01 10:47:10 +01:00
parent 19fae76a94
commit dc8e645594
8 changed files with 78 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
javascript/ql/src/experimental/Security/CWE-942/CorsPermissiveConfigurationCustomizations.qll
View File

@@ -25,9 +25,16 @@ module CorsPermissiveConfiguration {
*/
abstract class Sanitizer extends DataFlow::Node { }
/** A source of remote user input, considered as a flow source for CORS misconfiguration. */
class RemoteFlowSourceAsSource extends Source instanceof RemoteFlowSource {
RemoteFlowSourceAsSource() { not this instanceof ClientSideRemoteFlowSource }
/**
* DEPRECATED: Use `ActiveThreatModelSource` from Concepts instead!
*/
deprecated class RemoteFlowSourceAsSource = ActiveThreatModelSourceAsSource;
/**
* An active threat-model source, considered as a flow source.
*/
private class ActiveThreatModelSourceAsSource extends Source instanceof ActiveThreatModelSource {
ActiveThreatModelSourceAsSource() { not this instanceof ClientSideRemoteFlowSource }
}
/** A flow label representing `true` and `null` values. */