hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-22 21:27:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,994 Commits 1,783 Branches 169 Tags
e6e5f0dffd8003855ceaa4ec2181a8bf7bfb511e
Commit Graph

11 Commits

Author SHA1 Message Date
Chad Bentz
ce9e61dbfd C#: Add Razor Page handler method parameters as remote flow sources 
ASP.NET Core Razor Page handler method parameters (OnGet, OnPost, etc.)
were not modeled as remote flow sources, causing security queries like
SQL injection to miss vulnerabilities in PageModel subclasses.

This adds AspNetCorePageHandlerMethodParameter, analogous to the existing
AspNetCoreActionMethodParameter for MVC controllers, using the existing
PageModelClass.getAHandlerMethod() from Razor.qll.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-06-12 19:50:12 -04:00
Michael Nebel
8060d2ff24 C#: Streamline the implementation for ASP.NET Core tainted members. 2026-04-21 13:40:02 +02:00
Michael Nebel
45d4d5138a C#: Update expected test output. 2024-08-21 13:14:12 +02:00
Michael Nebel
c3e0388a75 C#: Add testcase for complex models. 2022-08-19 08:51:39 +02:00
Michael Nebel
bbb6ba088b C#: Add more Map like remote flow source testcases. 2022-08-19 08:10:23 +02:00
Michael Nebel
d2c5266139 C#: Add more test examples. 2022-08-19 08:10:23 +02:00
Michael Nebel
6e5a412150 C#: Make one more ASP.NET routing example. 2022-08-19 08:10:23 +02:00
Michael Nebel
bd6d3c7347 C#: Consider parameters passed to lambdas in MapGet remote flow sources. 2022-08-19 08:10:23 +02:00
Michael Nebel
c8afb1bb94 C#: Update expected test case with new line numbers. 2022-08-19 08:10:23 +02:00
Michael Nebel
1f2f2fff7f C#: Update testcases with examples. 2022-06-16 08:43:06 +02:00
Michael Nebel
ef0a3d0a79 C#: Add testcase for controller parameter types tainted members. 2022-06-16 08:38:31 +02:00