hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,255 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.2
Commit Graph

468 Commits

Author SHA1 Message Date
jorgectf
3fe2a08376 Update .expected file 2021-11-16 15:03:49 +01:00
jorgectf
e7d649f36d Make Cookie concept extend HTTP::Server::CookieWrite 2021-11-16 13:54:25 +01:00
jorgectf
129a81a2f8 Cover smtplib 2021-11-13 14:24:40 +01:00
jorgectf
5774ce2479 Improve django test 2021-11-08 10:34:16 +01:00
jorgectf
f4a73fcc59 Add RFS to sendgrid test 2021-11-08 10:33:57 +01:00
jorgectf
d316974157 Add HtmlContent additional taint step 2021-11-08 10:23:50 +01:00
jorgectf
86aac7c215 Add/Update .expected files. 2021-11-05 20:13:12 +01:00
jorgectf
a420e6e18d Add CookieInjection.qlref 2021-11-05 20:12:56 +01:00
jorgectf
cf47e8eb9c Fix endpoints' naming 2021-11-05 20:12:35 +01:00
jorgectf
d7a79469e6 Improve tests 2021-11-05 20:08:52 +01:00
thank_you
3a4e3d5146 Remove comments from Python example tests 
Besides removing comments, I also reduced the complexity of some of the Python code examples.
 2021-10-30 14:00:51 -04:00
jorgectf
e8e0f0fea8 Add temporary .expected 2021-10-28 14:22:14 +02:00
jorgectf
4c2a4226ef Merge remote-tracking branch 'origin/main' into jty/python/emailInjection 2021-10-28 13:26:57 +02:00
jorgectf
3dec222922 Merge remote-tracking branch 'origin/main' into jorgectf/python/jwt-queries 2021-10-28 13:11:46 +02:00
Rasmus Wriedt Larsen
58bc1102e5 Merge branch 'main' into jorgectf/python/deserialization 2021-10-28 12:31:34 +02:00
jorgectf
cf9e9f9dd4 Add cookie injection query missing proper tests 2021-10-28 10:28:45 +02:00
jorgectf
129edd605e Update .expected 2021-10-28 09:25:56 +02:00
jorgectf
0f2b81e0d2 Polish tests 2021-10-28 09:24:47 +02:00
jorgectf
28ec8c9dee Merge remote-tracking branch 'origin/main' into jorgectf/python/insecure-cookie 2021-10-27 19:00:55 +02:00
jorgectf
271e2e4c49 Update .expected 2021-10-16 13:12:33 +02:00
jorgectf
45146bc798 Merge branch 'main' into jorgectf/python/headerInjection 2021-10-16 12:46:57 +02:00
jorgectf
bf76d9cd8b Fix django test 2021-10-16 10:45:25 +02:00
jorgectf
2db1ffef1e Merge remote-tracking branch 'origin/main' into jorgectf/python/headerInjection 2021-10-16 10:40:52 +02:00
jorgectf
15dfc6d1da Fix xml_sax_parser.py good/bad naming 2021-10-16 09:50:58 +02:00
Rasmus Lerchedahl Petersen
61008fd3d0 Merge branch 'main' of github.com:github/codeql into python/promote-regex-injection 2021-10-12 11:28:12 +02:00
yoff
43f7eede0b Merge pull request #6182 from haby0/python/LogInjection 
Python: CWE-117 Log injection
 2021-10-12 10:54:45 +02:00
yoff
0629ce00de Merge pull request #6214 from haby0/python/ClientSuppliedIpUsedInSecurityCheck 
[Python] CWE-348:  Client supplied ip used in security check
 2021-10-11 16:38:04 +02:00
haby0
c2d0fcfbe6 Update python/ql/test/experimental/query-tests/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.expected 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-10-11 16:46:02 +08:00
haby0
29ddc76e2f Update python/ql/test/experimental/query-tests/Security/CWE-117/LogInjection.expected 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-10-11 16:43:30 +08:00
Rasmus Wriedt Larsen
8df3dab121 Python: Adjust .expected with subpaths 2021-09-28 17:04:20 +02:00
Rasmus Wriedt Larsen
67fddda6d2 Merge branch 'main' into jorgectf/python/deserialization 2021-09-28 16:49:33 +02:00
Rasmus Wriedt Larsen
547cbb6322 Merge pull request #6331 from porcupineyhairs/pythonXpath 
Python : Improve Xpath Injection Query
 2021-09-24 18:11:08 +02:00
Rasmus Wriedt Larsen
d39df18544 Python: Minor test cleanup 2021-09-24 16:11:27 +02:00
Rasmus Wriedt Larsen
26d2fbd217 Python: Fix new XPath injection query 
Fixes the typo `ETXpath` => `ETXPath`
 2021-09-24 15:11:34 +02:00
Rasmus Wriedt Larsen
913a679ef5 Python: Replace old XPath injection query 2021-09-24 15:10:41 +02:00
Rasmus Wriedt Larsen
ef6e502ff0 Python: Make LDAP global options test better 
Before it didn't really showcase that we know it can make connections
secure.
 2021-09-23 10:18:18 +02:00
haby0
c60eded2de Fix conflicting 2021-09-15 11:07:43 +08:00
Rasmus Lerchedahl Petersen
1c7982b319 Python: Move query tests over 2021-09-14 13:29:21 +02:00
jorgectf
b505662ef9 Fix global test and update .expected 2021-09-14 10:20:50 +02:00
jorgectf
2ccc6dc092 Merge branch 'main' into jorgectf/python/ldapinsecureauth 2021-09-14 09:32:19 +02:00
jorgectf
18b05bc56e Fix tests and add global option 2021-09-12 20:35:57 +02:00
jorgectf
eee9b3f39e Merge remote-tracking branch 'origin/main' into jorgectf/python/headerInjection 2021-09-07 19:54:58 +02:00
Anders Schack-Mulligen
f30dad7705 Dataflow: Update test expected outputs. 2021-09-07 13:02:20 +02:00
jorgectf
64b305cf7a Add .qhelp along with its example 2021-08-26 23:29:45 +02:00
jorgectf
786edb72df Update .expected 2021-08-26 12:36:34 +02:00
jorgectf
e6ce10b5c5 Merge remote-tracking branch 'origin/main' into jty/python/nosqlInjection 2021-08-10 20:01:08 +02:00
jorgectf
c8a7f48d6e Add .expected 2021-07-25 18:18:38 +02:00
jorgectf
983465963a Polish CookieWrite 2021-07-25 18:18:29 +02:00
jorgectf
8a3e4f14d1 Add tests and .qlref 2021-07-25 04:06:02 +02:00
jorgectf
0aaa9c13bd Merge remote-tracking branch 'origin/jorgectf/python/headerInjection' into jorgectf/python/insecure-cookie 2021-07-25 03:22:16 +02:00