hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/library-tests/frameworks/Nest/test.ql
Asger F b07c5c6ee0 JS: Add test
2025-01-29 13:49:43 +01:00

31 lines
962 B
Plaintext
Raw Blame History

import javascript
private import semmle.javascript.security.dataflow.ServerSideUrlRedirectCustomizations
private import utils.test.InlineFlowTest
query Http::RouteHandler routeHandler() { any() }
query Http::Servers::RequestSource requestSource() { any() }
query Http::Servers::ResponseSource responseSource() { any() }
query RemoteFlowSource requestInputAccess(string kind) {
kind = result.(Http::RequestInputAccess).getKind()
or
not result instanceof Http::RequestInputAccess and
kind = "RemoteFlowSource"
}
query Http::ResponseSendArgument responseSendArgument() { any() }
query ServerSideUrlRedirect::Sink redirectSink() { any() }
module TestConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node node) { node instanceof RemoteFlowSource }
predicate isSink(DataFlow::Node node) {
exists(DataFlow::CallNode call | call.getCalleeName() = "sink" and node = call.getArgument(0))
}
}
import ValueFlowTest<TestConfig>
Reference in New Issue View Git Blame Copy Permalink