hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update python/ql/src/semmle/python/frameworks/Django.qll

Browse Source 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswl@github.com>
This commit is contained in:
yoff
2021-02-05 23:31:20 +01:00
committed by GitHub
parent 93f91d8746
commit ddd362bc16
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
python/ql/src/semmle/python/frameworks/Django.qll
View File

@@ -2314,6 +2314,13 @@ private module Django {
DjangoShortcutsRedirectCall() { node.getFunction() = django::shortcuts::redirect().asCfgNode() }
/**
* Gets the data-flow node that specifies the location of this HTTP redirect response.
*
* Note: For `django.shortcuts.redirect`, the result might not be a full URL
* (as usually expected by this method), but could be a relative URL,
* a string identifying a view, or a Django model.
*/
override DataFlow::Node getRedirectLocation() {
result.asCfgNode() in [node.getArg(0), node.getArgByName("to")]
}