hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: You can supply defaults for HTTP Response properties

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2020-10-22 11:43:23 +02:00
parent 87f31a96d7
commit e93c20a7a8
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
python/ql/src/experimental/semmle/python/Concepts.qll
View File

@@ -262,23 +262,35 @@ module HTTP {
/** Gets the data-flow node that specifies the content-type of this HTTP response, if any. */
abstract DataFlow::Node getContentTypeArg();
/** Gets the default content-type that should be used if `getContentTypeArg` has no results. */
abstract string getContentTypeDefault();
/** Gets the content-type of this HTTP response, if it can be statically determined. */
string getContentType() {
exists(StrConst str |
DataFlow::localFlow(DataFlow::exprNode(str), this.getContentTypeArg()) and
result = str.getText()
)
or
not exists(this.getContentTypeArg()) and
result = this.getContentTypeDefault()
}
/** Gets the data-flow node that specifies the status code of this HTTP response, if any. */
abstract DataFlow::Node getStatusCodeArg();
/** Gets the default status code that should be used if `getStatusCodeArg` has no results. */
abstract int getStatusCodeDefault();
/** Gets the status code of this HTTP response, if it can be statically determined. */
int getStatusCode() {
exists(IntegerLiteral i |
DataFlow::localFlow(DataFlow::exprNode(i), this.getStatusCodeArg()) and
result = i.getValue()
)
or
not exists(this.getStatusCodeArg()) and
result = this.getStatusCodeDefault()
}
}
}