Python: Delete XsltSinks.ql test

2025-12-21 19:26:31 +01:00 · 2023-08-17 15:32:17 +02:00
parent 779fe6498c
commit ef139f2ee9
3 changed files with 0 additions and 74 deletions
--- a/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltSinks.expected
+++ b/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltSinks.expected
@@ -1,12 +0,0 @@
-| xslt.py:14:29:14:37 | lxml.etree.parse.xslt | lxml etree xml |
-| xsltInjection.py:12:28:12:36 | lxml.etree.XSLT | lxml etree xml |
-| xsltInjection.py:21:29:21:37 | lxml.etree.parse.xslt | lxml etree xml |
-| xsltInjection.py:31:24:31:32 | lxml.etree.parse.xslt | lxml etree xml |
-| xsltInjection.py:40:24:40:32 | lxml.etree.parse.xslt | lxml etree xml |
-| xsltInjection.py:50:24:50:32 | lxml.etree.parse.xslt | lxml etree xml |
-| xsltInjection.py:60:24:60:32 | lxml.etree.parse.xslt | lxml etree xml |
-| xsltInjection.py:69:24:69:32 | lxml.etree.parse.xslt | lxml etree xml |
-| xsltInjection.py:79:24:79:32 | lxml.etree.parse.xslt | lxml etree xml |
-| xsltSinks.py:17:28:17:36 | lxml.etree.XSLT | lxml etree xml |
-| xsltSinks.py:30:29:30:37 | lxml.etree.parse.xslt | lxml etree xml |
-| xsltSinks.py:44:24:44:32 | lxml.etree.parse.xslt | lxml etree xml |
--- a/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltSinks.ql
+++ b/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltSinks.ql
@@ -1,6 +0,0 @@
-import python
-import experimental.semmle.python.security.injection.XSLT
-
-from XsltInjection::XsltInjectionSink sink, TaintKind kind
-where sink.sinks(kind)
-select sink, kind
--- a/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xsltSinks.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xsltSinks.py
@@ -1,56 +0,0 @@
-from lxml import etree
-from io import StringIO
-
-from django.urls import path
-from django.http import HttpResponse
-from django.template import Template, Context, Engine, engines
-
-
-def a(request):
-    xslt_root = etree.XML('''\
-        <xsl:stylesheet version="1.0"
-            xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-            <xsl:template match="/">
-                <foo><xsl:value-of select="/a/b/text()" /></foo>
-            </xsl:template>
-        </xsl:stylesheet>''')
-    transform = etree.XSLT(xslt_root)
-
-
-def b(request):
-    xslt_root = etree.XML('''\
-        <xsl:stylesheet version="1.0"
-            xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-            <xsl:template match="/">
-                <foo><xsl:value-of select="/a/b/text()" /></foo>
-            </xsl:template>
-        </xsl:stylesheet>''')
-    f = StringIO('<foo><bar></bar></foo>')
-    tree = etree.parse(f)
-    result_tree = tree.xslt(xslt_root)
-
-
-def c(request):
-    xslt_root = etree.XML('''\
-        <xsl:stylesheet version="1.0"
-            xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-            <xsl:template match="/">
-                <foo><xsl:value-of select="/a/b/text()" /></foo>
-            </xsl:template>
-        </xsl:stylesheet>''')
-
-    f = StringIO('<foo><bar></bar></foo>')
-    tree = etree.parse(f)
-    result = tree.xslt(xslt_root, a="'A'")
-
-
-urlpatterns = [
-    path('a', a),
-    path('b', b),
-    path('c', c)
-]
-
-if __name__ == "__main__":
-    a(None)
-    b(None)
-    c(None)