Merge pull request #3119 from erik-krogh/SockJS

Approved by esbena

javascript/ql/test/library-tests/frameworks/WebSocket/browser.js

@@ -2,14 +2,31 @@
 	const socket = new WebSocket('ws://localhost:8080');
 
 	socket.addEventListener('open', function (event) {
-    	socket.send('Hi from browser!');
+		socket.send('Hi from browser!');
 	});
 
 	socket.addEventListener('message', function (event) {
-	    console.log('Message from server ', event.data);
+		console.log('Message from server ', event.data);
 	});
+
+	socket.onmessage = function (event) {
+		console.log("Message from server 2", event.data)
+	};
+})();
+
+
+(function () {
+	var sock = new SockJS('http://0.0.0.0:9999/echo');
+	sock.onopen = function () {
+		sock.send('test');
+	};
 	
-	socket.onmessage = function(event) {
-      console.log("Message from server 2", event.data)
-    };
-})();
+	sock.onmessage = function (e) {
+		console.log('message', e.data);
+		sock.close();
+	};
+	
+	sock.addEventListener('message', function (event) {
+		console.log('Using addEventListener ', event.data);
+	});
+})

javascript/ql/test/library-tests/frameworks/WebSocket/client.js

@@ -4,10 +4,10 @@
 	const ws = new WebSocket('ws://example.org');
 
 	ws.on('open', function open() {
-  		ws.send('Hi from client!');
+		ws.send('Hi from client!');
 	});
 
 	ws.on('message', function incoming(data) {
-  		console.log(data);
+		console.log(data);
 	});
 })();

javascript/ql/test/library-tests/frameworks/WebSocket/server.js

@@ -4,10 +4,10 @@
 	const wss = new WebSocket.Server({ port: 8080 });
 
 	wss.on('connection', function connection(ws) {
-  		ws.on('message', function incoming(message) {
-    		console.log('received: %s', message);
-  		});
+		ws.on('message', function incoming(message) {
+			console.log('received: %s', message);
+		});
 
-  		ws.send('Hi from server!');
+		ws.send('Hi from server!');
 	});
 })();

javascript/ql/test/library-tests/frameworks/WebSocket/sockjs.js

@@ -0,0 +1,16 @@
+const express = require('express');
+const http = require('http');
+const sockjs = require('sockjs');
+
+const app = express();
+const server = http.createServer(app);
+const sockjs_echo = sockjs.createServer({});
+sockjs_echo.on('connection', function (conn) {
+    conn.on('data', function (message) {
+        var data = JSON.parse(message);
+        conn.write(JSON.stringify(eval(data.test)));
+    });
+});
+
+sockjs_echo.installHandlers(server, { prefix: '/echo' });
+server.listen(9090, '127.0.0.1');

javascript/ql/test/library-tests/frameworks/WebSocket/test.expected

@@ -1,22 +1,35 @@
 clientSocket
 | browser.js:2:17:2:52 | new Web ... :8080') |
+| browser.js:19:13:19:50 | new Soc ... /echo') |
 | client.js:4:13:4:45 | new Web ... e.org') |
 clientSend
-| browser.js:5:6:5:36 | socket. ... wser!') |
-| client.js:7:5:7:30 | ws.send ... ient!') |
+| browser.js:5:3:5:33 | socket. ... wser!') |
+| browser.js:21:3:21:19 | sock.send('test') |
+| client.js:7:3:7:28 | ws.send ... ient!') |
 clientReceive
 | browser.js:8:37:10:2 | functio ... ta);\\n\\t} |
-| browser.js:12:21:14:5 | functio ... )\\n    } |
+| browser.js:12:21:14:2 | functio ... ata)\\n\\t} |
+| browser.js:24:19:27:2 | functio ... e();\\n\\t} |
+| browser.js:29:35:31:2 | functio ... ta);\\n\\t} |
 | client.js:10:19:12:2 | functio ... ta);\\n\\t} |
 serverSocket
 | server.js:6:43:6:44 | ws |
+| sockjs.js:8:40:8:43 | conn |
 serverSend
-| server.js:11:5:11:30 | ws.send ... rver!') |
+| server.js:11:3:11:28 | ws.send ... rver!') |
+| sockjs.js:11:9:11:51 | conn.wr ... test))) |
 serverReceive
-| server.js:7:5:9:6 | ws.on(' ... \\n  \\t\\t}) |
+| server.js:7:3:9:4 | ws.on(' ... );\\n\\t\\t}) |
+| sockjs.js:9:5:12:6 | conn.on ... \\n    }) |
 taintStep
-| browser.js:5:18:5:35 | 'Hi from browser!' | server.js:7:40:7:46 | message |
-| client.js:7:13:7:29 | 'Hi from client!' | server.js:7:40:7:46 | message |
-| server.js:11:13:11:29 | 'Hi from server!' | browser.js:9:42:9:51 | event.data |
-| server.js:11:13:11:29 | 'Hi from server!' | browser.js:13:44:13:53 | event.data |
-| server.js:11:13:11:29 | 'Hi from server!' | client.js:10:37:10:40 | data |
+| browser.js:5:15:5:32 | 'Hi from browser!' | server.js:7:38:7:44 | message |
+| browser.js:21:13:21:18 | 'test' | sockjs.js:9:31:9:37 | message |
+| client.js:7:11:7:27 | 'Hi from client!' | server.js:7:38:7:44 | message |
+| server.js:11:11:11:27 | 'Hi from server!' | browser.js:9:39:9:48 | event.data |
+| server.js:11:11:11:27 | 'Hi from server!' | browser.js:13:40:13:49 | event.data |
+| server.js:11:11:11:27 | 'Hi from server!' | client.js:10:37:10:40 | data |
+| sockjs.js:11:20:11:50 | JSON.st ... .test)) | browser.js:25:26:25:31 | e.data |
+| sockjs.js:11:20:11:50 | JSON.st ... .test)) | browser.js:30:42:30:51 | event.data |
+remoteFlow
+| server.js:7:38:7:44 | message |
+| sockjs.js:9:31:9:37 | message |

javascript/ql/test/library-tests/frameworks/WebSocket/test.ql

@@ -15,3 +15,5 @@ query ServerWebSocket::ReceiveNode serverReceive() { any() }
 query predicate taintStep(DataFlow::Node pred, DataFlow::Node succ) {
   any(DataFlow::AdditionalFlowStep s).step(pred, succ)
 }
+
+query RemoteFlowSource remoteFlow() { any() }