hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.22.0
codeql/swift/ql/test/library-tests/dataflow/flowsources/webview.swift

103 lines
3.0 KiB
Swift
Raw Permalink Blame History

// --- stubs ---
class WKUserContentController {}
class WKScriptMessage {}
protocol WKScriptMessageHandler {
func userContentController(_ userContentController: WKUserContentController, didReceive message: WKScriptMessage)
}
protocol WKNavigationDelegate {
func webView(_: WKWebView, decidePolicyFor: WKNavigationAction, preferences: WKWebpagePreferences, decisionHandler: (WKNavigationActionPolicy, WKWebpagePreferences) -> Void) // $ SPURIOUS?: source=remote
func webView(_: WKWebView, decidePolicyFor: WKNavigationAction, decisionHandler: (WKNavigationActionPolicy) -> Void) // $ SPURIOUS?: source=remote
}
class WKWebView {}
class WKNavigationAction {}
class WKWebpagePreferences {}
enum WKNavigationActionPolicy {}
protocol NSCopying {}
protocol NSObjectProtocol {}
class JSValue {}
class JSContext {
var globalObject: JSValue { get { return JSValue() } }
func objectForKeyedSubscript(_: Any!) -> JSValue! { return JSValue() }
func setObject(_: Any, forKeyedSubscript: (NSCopying & NSObjectProtocol) ) {}
}
protocol JSExport {}
// --- tests ---
class TestMessageHandler: WKScriptMessageHandler {
func userContentController(_ userContentController: WKUserContentController, didReceive message: WKScriptMessage) { // $ source=remote
}
}
func testJsContext(context: JSContext) {
context.globalObject // $ source=remote
context.objectForKeyedSubscript("") // $ source=remote
}
protocol Exported : JSExport {
var tainted: Any { get }
func tainted(arg1: Any, arg2: Any)
}
class ExportedImpl : Exported {
var tainted: Any { get { return "" } }
var notTainted: Any { get { return ""} }
func readFields() {
tainted // $ source=remote
notTainted
}
func tainted(arg1: Any, arg2: Any) { // $ source=remote
}
func notTainted(arg1: Any, arg2: Any) {
}
}
class WebViewDelegate : WKNavigationDelegate {
func webView(_: WKWebView, decidePolicyFor: WKNavigationAction, preferences: WKWebpagePreferences, decisionHandler: (WKNavigationActionPolicy, WKWebpagePreferences) -> Void) {} // $ source=remote
func webView(_: WKWebView, decidePolicyFor: WKNavigationAction, decisionHandler: (WKNavigationActionPolicy) -> Void) {} // $ source=remote
}
class Extended {}
extension Extended : WKNavigationDelegate {
func webView(_: WKWebView, decidePolicyFor: WKNavigationAction, preferences: WKWebpagePreferences, decisionHandler: (WKNavigationActionPolicy, WKWebpagePreferences) -> Void) {} // $ source=remote
func webView(_: WKWebView, decidePolicyFor: WKNavigationAction, decisionHandler: (WKNavigationActionPolicy) -> Void) {} // $ source=remote
}
// ---
typealias JSExportAlias = JSExport
protocol Exported2 : JSExportAlias {
var tainted: Any { get }
}
typealias Exported2Alias = Exported2
class ExportedImpl2 : Exported2Alias {
var tainted: Any { get { return "" } }
var notTainted: Any { get { return ""} }
func readFields() {
tainted // $ source=remote
notTainted
}
}
Reference in New Issue View Git Blame Copy Permalink