hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 13:15:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactor InsecureBasicAuth

Browse Source
This commit is contained in:
Ed Minnix
2023-03-21 17:15:08 -04:00
parent dcd46c2236
commit fa2f0dbc3b
3 changed files with 26 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/test/query-tests/security/CWE-522/InsecureBasicAuthTest.ql
View File

@@ -9,7 +9,7 @@ class HasInsecureBasicAuthTest extends InlineExpectationsTest {
override predicate hasActualResult(Location location, string element, string tag, string value) {
tag = "hasInsecureBasicAuth" and
exists(DataFlow::Node sink, BasicAuthFlowConfig conf | conf.hasFlowTo(sink) |
exists(DataFlow::Node sink | InsecureBasicAuthFlow::flowTo(sink) |
sink.getLocation() = location and
element = sink.toString() and
value = ""