add ClientRequst models for http-proxy

2026-04-28 10:15:14 +02:00 · 2021-02-25 14:23:14 +01:00
parent b7c0d18c4a
commit ede1a40a02
4 changed files with 71 additions and 1 deletions
--- a/javascript/ql/src/javascript.qll
+++ b/javascript/ql/src/javascript.qll
@@ -94,6 +94,7 @@ import semmle.javascript.frameworks.LazyCache
 import semmle.javascript.frameworks.LodashUnderscore
 import semmle.javascript.frameworks.Logging
 import semmle.javascript.frameworks.HttpFrameworks
+import semmle.javascript.frameworks.HttpProxy
 import semmle.javascript.frameworks.Markdown
 import semmle.javascript.frameworks.NoSQL
 import semmle.javascript.frameworks.PkgCloud
--- a/javascript/ql/src/semmle/javascript/frameworks/HttpProxy.qll
+++ b/javascript/ql/src/semmle/javascript/frameworks/HttpProxy.qll
@@ -0,0 +1,54 @@
+/**
+ * Provides classes and predicates for working with the [http-proxy](https://www.npmjs.com/package/http-proxy) library.
+ */
+
+import javascript
+
+/**
+ * Provides classes and predicates modelling the [http-proxy](https://www.npmjs.com/package/http-proxy) library.
+ */
+private module HttpProxy {
+  /**
+   * A call that creates a http proxy.
+   */
+  class CreateServerCall extends API::CallNode, ClientRequest::Range {
+    CreateServerCall() {
+      this =
+        API::moduleImport("http-proxy")
+            .getMember(["createServer", "createProxyServer", "createProxy"])
+            .getACall()
+    }
+
+    override DataFlow::Node getUrl() { result = getParameter(0).getMember("target").getARhs() }
+
+    override DataFlow::Node getHost() { none() }
+
+    override DataFlow::Node getADataNode() { none() }
+  }
+
+  /**
+   * A call that proxies a request to some target.
+   */
+  class ProxyCall extends API::CallNode, ClientRequest::Range {
+    string method;
+
+    ProxyCall() {
+      method = ["ws", "web"] and
+      this = any(CreateServerCall server).getReturn().getMember(method).getACall()
+    }
+
+    override DataFlow::Node getUrl() {
+      exists(int optionsIndex |
+        method = "web" and optionsIndex = 2
+        or
+        method = "ws" and optionsIndex = 3
+      |
+        result = getParameter(optionsIndex).getMember("target").getARhs()
+      )
+    }
+
+    override DataFlow::Node getHost() { none() }
+
+    override DataFlow::Node getADataNode() { none() }
+  }
+}