12 Commits

Author	SHA1	Message	Date
Joe Farebrother	cea196ec61	Add concepts tests + some fixes	2024-12-09 19:55:42 +00:00
Rasmus Wriedt Larsen	6526364045	Python: Add modeling of flask.render_template_string	2023-06-12 21:18:31 +02:00
Rasmus Wriedt Larsen	fb0133d276	Python: Fix Flask request.files modeling	2022-05-02 14:14:58 +02:00
Rasmus Wriedt Larsen	0c62916af5	Python: Highlight problem with Flask request.files modeling	2022-05-02 14:14:53 +02:00
Rasmus Wriedt Larsen	dac71ded9d	Python: Add Authorization modeling in Flask	2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen	133632119d	Python: Model werkzeug Headers ... Also removed a misleading comment link to method on wrong class :D	2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen	9cb4899c5c	Python: Add FileStorage modeling in Flask	2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen	04190ea308	Python: Add file-like modeling to werkzeug FileStorage	2021-07-22 10:43:18 +02:00
Rasmus Wriedt Larsen	63a2657aef	Merge branch 'main' into inline-taint-tests	2021-04-21 10:02:55 +02:00
Rasmus Wriedt Larsen	3e7dc12246	Python: Port taint tests to use inline expectations ... The meat of this PR is described in the new python/ql/test/experimental/meta/InlineTaintTest.qll file: > Defines a InlineExpectationsTest for checking whether any arguments in > `ensure_tainted` and `ensure_not_tainted` calls are tainted. > > Also defines query predicates to ensure that: > - if any arguments to `ensure_not_tainted` are tainted, their annotation is marked with `SPURIOUS`. > - if any arguments to `ensure_tainted` are not tainted, their annotation is marked with `MISSING`. > > The functionality of this module is tested in `ql/test/experimental/meta/inline-taint-test-demo`.	2021-04-15 18:00:33 +02:00
Rasmus Wriedt Larsen	b359205d17	Python: Add taint tests for .get() in flask	2021-04-15 14:53:44 +02:00
Rasmus Wriedt Larsen	d9079e34e3	Python: Move framework tests out of experimental ... Since they are not experimental anymore 😄	2021-03-19 15:51:54 +01:00