Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 8194c04

Browse files
asgerfasgerf
committed
JS: Merge sources to one class
1 parent 00ed72e commit 8194c04

1 file changed

Lines changed: 3 additions & 10 deletions

File tree

javascript/ql/lib/semmle/javascript/security/dataflow/RequestForgeryCustomizations.qll

Lines changed: 3 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -40,17 +40,10 @@ module RequestForgery {
4040
abstract class Sanitizer extends DataFlow::Node { }
4141

4242
/** A source of server-side remote user input, considered as a flow source for request forgery. */
43-
private class ServerSideSource extends Source instanceof RemoteFlowSource {
44-
ServerSideSource() { not this instanceof ClientSideRemoteFlowSource }
45-
}
46-
47-
private class ClientSideSource extends Source instanceof ClientSideRemoteFlowSource {
48-
ClientSideSource() {
49-
// Reduce FPs by excluding sources from client-side path or URL
50-
not ClientSideRemoteFlowSource.super.getKind().isPathOrUrl()
51-
}
43+
private class RemoteFlowSourceAsSource extends Source instanceof RemoteFlowSource {
44+
RemoteFlowSourceAsSource() { not this.(ClientSideRemoteFlowSource).getKind().isPathOrUrl() }
5245

53-
override predicate isServerSide() { none() }
46+
override predicate isServerSide() { not this instanceof ClientSideRemoteFlowSource }
5447
}
5548

5649
/**

0 commit comments

Comments
 (0)