hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-23 23:57:06 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
157a1550e01f10d488d5d2cdc6acdb25ae3f82ad
codeql/java/ql/test/library-tests/frameworks/micronaut/MicronautControllerTest.java
Nicolas Will cf31af77c9 Add Micronaut framework support for Java QL 
Add CodeQL support for Micronaut: add MaD models for HTTP, HTTP client and multipart (sources, sinks and summary propagation), new framework QLL modules (Controller, WebSocket, Config, Data, Security). Add library tests and query tests exercising request inputs, file uploads, HttpClient sinks (SSRF), header sinks (response-splitting) and redirect sinks (open-redirect), plus expected results and extractor options. Include Micronaut 4.x stubs used by the tests.
2026-02-27 17:17:07 +01:00

96 lines
2.1 KiB
Java
Raw Blame History

import io.micronaut.http.annotation.*;
import io.micronaut.http.*;
import java.io.InputStream;
import java.io.Reader;
@Controller("/test")
class MicronautControllerTest {
void sink(Object o) {}
@Get("/path/{id}")
void testPathVariable(@PathVariable String id) {
sink(id); // $hasTaintFlow
}
@Get("/query")
void testQueryValue(@QueryValue String name) {
sink(name); // $hasTaintFlow
}
@Post("/body")
void testBody(@Body String body) {
sink(body); // $hasTaintFlow
}
@Get("/header")
void testHeader(@Header String authorization) {
sink(authorization); // $hasTaintFlow
}
@Get("/cookie")
void testCookieValue(@CookieValue String sessionId) {
sink(sessionId); // $hasTaintFlow
}
@Post("/part")
void testPart(@Part String name) {
sink(name); // $hasTaintFlow
}
@Get("/attr")
void testRequestAttribute(@RequestAttribute String attr) {
sink(attr); // $hasTaintFlow
}
@Post("/bean")
void testRequestBean(@RequestBean Object bean) {
sink(bean); // $hasTaintFlow
}
@Get("/implicit")
void testImplicitParam(String implicitParam) {
sink(implicitParam); // $hasTaintFlow
}
@Get("/request")
void testHttpRequest(HttpRequest<String> request) {
sink(request); // $hasTaintFlow
}
@Post("/stream")
void testInputStream(InputStream stream) {
sink(stream); // $hasTaintFlow
}
@Post("/reader")
void testReader(Reader reader) {
sink(reader); // $hasTaintFlow
}
@Post("/post")
void testPostMethod(@Body String data) {
sink(data); // $hasTaintFlow
}
@Put("/put")
void testPutMethod(@Body String data) {
sink(data); // $hasTaintFlow
}
@Delete("/delete/{id}")
void testDeleteMethod(@PathVariable String id) {
sink(id); // $hasTaintFlow
}
@Patch("/patch")
void testPatchMethod(@Body String data) {
sink(data); // $hasTaintFlow
}
@io.micronaut.http.annotation.Error
void testErrorHandler(HttpRequest<?> request) {
sink(request); // $hasTaintFlow
}
}
Reference in New Issue View Git Blame Copy Permalink