Rasmus Wriedt Larsen
7afe3972d8
Revert "Merge pull request #5171 from RasmusWL/restructure-queries"
...
This reverts commit 8caafb3710ec79094957
2021-02-17 16:32:53 +01:00
Rasmus Wriedt Larsen
3a18881660
Python: Restructure query file location
...
Since I can never remember the CWE numbers
2021-02-16 11:36:10 +01:00
Rasmus Wriedt Larsen
d38c48d2c8
Python: Move ReflectedXSS configuration to own file
2020-11-06 14:24:31 +01:00
Taus Brock-Nannestad
fb6a02e060
Python: More import fixups
2020-11-02 22:17:42 +01:00
Taus Brock-Nannestad
f903e4ffbe
Python: Promote experimental queries
...
DO NOT MERGE
Also adds performance fix to `python.qll`.
2020-10-30 19:40:56 +01:00
Taus Brock-Nannestad
f07a7bf8cf
Python: Autoformat everything using qlformat.
...
Will need subsequent PRs fixing up test failures (due to deprecated
methods moving around), but other than that everything should be
straight-forward.
2020-07-07 15:43:52 +02:00
Rasmus Wriedt Larsen
6cba2fe4f8
Python: Model Django response sinks that are not vuln to XSS
...
Since HttpResponse is not *only* used for XSS, it is still valuable to know the
content is send as part of the response.
The *proper* solution to this problem of not all HttpResponses being vulnerable
to XSS is probably to define a new abstract class in Http.qll called
HttpResponseXSSVulnerableSink (or similar). I would like to model a few more
libraries/frameworks before fully comitting to an approach though.
2020-05-26 16:45:46 +02:00
Taus Brock-Nannestad
87a9f51c78
Python: Autoformat all .ql files.
2020-03-30 11:59:10 +02:00
Rasmus Wriedt Larsen
6d5a8e4995
Python: Fix typos
2020-02-17 14:34:22 +01:00
Rasmus Wriedt Larsen
6b5b28aded
Python: Add Value.getABooleanValue and Value.getDefiniteBooleanValue
...
Replacing `Value.booleanValue`. We wanted to match `Object.booleanValue` that
only gives a result if it is either `true` or `false`, but also wanted to keep
the flexibility to see if the Value _could_ be `true`/`false`. We don't have a
motivating usecase, so let's see if we ever need it :P
+ fix modernisation regression on py/jinja2/autoescape-false
2020-02-04 11:42:11 +01:00
Rasmus Wriedt Larsen
e5abfd0196
Python: Modernise Security/ queries
2020-02-04 11:42:11 +01:00
Rasmus Wriedt Larsen
5bc592514a
Python: Consistenly use "a user-provided value"
...
ReflectedXss was the only query that used it with the "a"
2020-02-03 14:35:09 +01:00
Rasmus Wriedt Larsen
2648e34f1a
Python: Autoformat security
2020-01-31 14:49:18 +01:00
Sauyon Lee
0040c9fb4c
Update links to OWASP cheat sheet
2019-11-06 20:21:47 -08:00
Mark Shannon
52b3f77f4f
Fix typo.
2019-04-08 15:47:49 +01:00
Mark Shannon
3bcd445a32
Python change 'SimpleHttpResponseTaintSink' to 'HttpResponseTaintSink'.
2019-04-04 14:45:37 +01:00
Mark Shannon
f8c43ca40b
Python: make sure all django and flask request sources conform to interface.
2019-04-04 10:56:45 +01:00
Mark Shannon
64e8be6ed1
Python: Use new taint-tracking query in reflected-xss query.
2019-04-04 10:56:44 +01:00
Mark Shannon
98be27a73e
Python: Add 'attr' predicate as a synomnym for 'getAttribute' to help readability.
2019-02-20 11:08:44 +00:00
Mark Shannon
21246dcbf2
Python: clean up change notes and query help.
2018-11-28 15:02:47 +00:00
Mark Shannon
eefb45c94b
Python: jinja2-without-escaping query: Clean up query and account for Template class in tests.
2018-11-28 10:46:44 +00:00
Mark Shannon
243280dc00
Python: New query to check for use of jinja2 templates without auto-escaping.
2018-11-28 10:45:19 +00:00
Mark Shannon
61bd8682df
Python: Improve API and representation of taint tracking nodes. Update queries and tests accordingly.
2018-11-23 12:32:14 +00:00
Mark Shannon
722d89fc75
Upgrade taint-tracking security queries to path-problem queries.
2018-11-22 11:05:01 +00:00
Mark Shannon
e930b43bf3
Python security queries. Choose a precision reflecting actual precision for Security queries.
2018-11-19 17:10:40 +00:00
Mark Shannon
5f58824d1b
Initial commit of Python queries and QL libraries.
2018-11-19 15:10:42 +00:00
