Streamline definition of UserControlledRequestField.

ql/src/semmle/go/frameworks/HTTP.qll

@@ -6,16 +6,12 @@ import go
 
 private module StdlibHttp {
   /** An access to an HTTP request field whose value may be controlled by an untrusted user. */
-  private class UserControlledRequestField extends UntrustedFlowSource::Range, DataFlow::ExprNode {
+  private class UserControlledRequestField extends UntrustedFlowSource::Range, DataFlow::FieldReadNode {
-    override SelectorExpr expr;
-
     UserControlledRequestField() {
-      exists(Type req, Type baseType, string fieldName |
+      exists(Type req, string fieldName |
         req.hasQualifiedName("net/http", "Request") and
-        baseType = expr.getBase().getType() and
+        this.getField() = req.getField(fieldName) |
-        fieldName = expr.getSelector().getName() and
+        fieldName = "Body" or fieldName = "Form" or fieldName = "Header" or fieldName = "URL"
-        (baseType = req or baseType = req.getPointerType()) and
-        (fieldName = "Body" or fieldName = "Form" or fieldName = "Header" or fieldName = "URL")
       )
     }
   }