Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 12f35bc

Browse files
smowtonsmowton
committed
Add missing tests for RevelHeader mutators
1 parent 2024747 commit 12f35bc

1 file changed

Lines changed: 24 additions & 0 deletions

File tree

  • go/ql/test/library-tests/semmle/go/frameworks/Revel

go/ql/test/library-tests/semmle/go/frameworks/Revel/Revel.go

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -128,3 +128,27 @@ func accessingHeaders(c *revel.Controller) {
128128
tainted2 := c.Request.Header.GetAll("somekey")
129129
sink(tainted2[0])
130130
}
131+
132+
func headerMutators(c *revel.Controller) {
133+
tainted := c.Request.UserAgent()
134+
135+
var cleanHeaders revel.RevelHeader
136+
cleanHeaders.Set(tainted, "clean")
137+
sink(cleanHeaders.Get("clean"))
138+
139+
var cleanHeaders2 revel.RevelHeader
140+
cleanHeaders2.Set("clean", tainted)
141+
sink(cleanHeaders2.Get("clean"))
142+
143+
var cleanHeaders3 revel.RevelHeader
144+
cleanHeaders3.Add(tainted, "clean")
145+
sink(cleanHeaders3.Get("clean"))
146+
147+
var cleanHeaders4 revel.RevelHeader
148+
cleanHeaders4.Add("clean", tainted)
149+
sink(cleanHeaders4.Get("clean"))
150+
151+
var cleanHeaders5 revel.RevelHeader
152+
cleanHeaders5.SetCookie(tainted)
153+
sink(cleanHeaders5.Get("clean"))
154+
}

0 commit comments

Comments
 (0)