File tree Expand file tree Collapse file tree 1 file changed +5
-7
lines changed
javascript/ql/src/experimental/Security/CWE-614 Expand file tree Collapse file tree 1 file changed +5
-7
lines changed Original file line number Diff line number Diff line change @@ -76,9 +76,7 @@ module Cookie {
7676 * A cookie set using `response.cookie` from `express` module (https://expressjs.com/en/api.html#res.cookie).
7777 */
7878 class InsecureExpressCookieResponse extends Cookie , DataFlow:: MethodCallNode {
79- InsecureExpressCookieResponse ( ) {
80- this .calls ( any ( Express:: ResponseExpr r ) .flow ( ) , "cookie" )
81- }
79+ InsecureExpressCookieResponse ( ) { this .calls ( any ( Express:: ResponseExpr r ) .flow ( ) , "cookie" ) }
8280
8381 override string getKind ( ) { result = "response.cookie" }
8482
@@ -124,10 +122,10 @@ module Cookie {
124122 */
125123 class InsecureJsCookie extends Cookie {
126124 InsecureJsCookie ( ) {
127- this =
128- [ DataFlow:: globalVarRef ( "Cookie" ) ,
129- DataFlow:: globalVarRef ( "Cookie" ) .getAMemberCall ( "noConflict" ) ,
130- DataFlow:: moduleImport ( "js-cookie" ) ] .getAMemberCall ( "set" )
125+ this =
126+ [ DataFlow:: globalVarRef ( "Cookie" ) ,
127+ DataFlow:: globalVarRef ( "Cookie" ) .getAMemberCall ( "noConflict" ) ,
128+ DataFlow:: moduleImport ( "js-cookie" ) ] .getAMemberCall ( "set" )
131129 }
132130
133131 override string getKind ( ) { result = "js-cookie" }
You can’t perform that action at this time.
0 commit comments