Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit ee33c59

Browse files
asgerfasgerf
committed
JS: Autoformat
1 parent 0f27bff commit ee33c59

3 files changed

Lines changed: 28 additions & 53 deletions

File tree

javascript/ql/src/semmle/javascript/frameworks/Express.qll

Lines changed: 6 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -976,25 +976,18 @@ module Express {
976976
/**
977977
* A call to the Express `res.render()` method, seen as a template instantiation.
978978
*/
979-
private class RenderCallAsTemplateInstantiation extends Templating::TemplateInstantiaton::Range, DataFlow::CallNode {
979+
private class RenderCallAsTemplateInstantiation extends Templating::TemplateInstantiaton::Range,
980+
DataFlow::CallNode {
980981
RenderCallAsTemplateInstantiation() {
981982
this = any(ResponseSource res).ref().getAMethodCall("render")
982983
}
983984

984-
override DataFlow::Node getTemplateFileNode() {
985-
result = getArgument(0)
986-
}
985+
override DataFlow::Node getTemplateFileNode() { result = getArgument(0) }
987986

988-
override DataFlow::Node getTemplateContentNode() {
989-
none()
990-
}
987+
override DataFlow::Node getTemplateContentNode() { none() }
991988

992-
override DataFlow::Node getTemplateParamsNode() {
993-
result = getArgument(1)
994-
}
989+
override DataFlow::Node getTemplateParamsNode() { result = getArgument(1) }
995990

996-
override DataFlow::SourceNode getOutput() {
997-
result = getCallback(2).getParameter(1)
998-
}
991+
override DataFlow::SourceNode getOutput() { result = getCallback(2).getParameter(1) }
999992
}
1000993
}

javascript/ql/src/semmle/javascript/frameworks/Templating.qll

Lines changed: 21 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -88,17 +88,15 @@ module Templating {
8888
* which cancels out the benefit of HTML escaping.
8989
*/
9090
predicate isInCodeAttribute() {
91-
exists(TopLevel code |
92-
code = getParent().(HTML::Attribute).getCodeInAttribute()
93-
|
91+
exists(TopLevel code | code = getParent().(HTML::Attribute).getCodeInAttribute() |
9492
code instanceof EventHandlerCode or
9593
code instanceof JavaScriptURL
9694
)
9795
}
9896

9997
/** Holds if this placeholder occurs in JS code. */
100-
predicate isInCodeContext() {
101-
isInScriptTag() or isInCodeAttribute()
98+
predicate isInCodeContext() { isInScriptTag() or isInCodeAttribute() }
99+
102100
/**
103101
* Holds if this placeholder occurs in the definition of another template, which means the output
104102
* is susceptible to code injection.
@@ -115,9 +113,7 @@ module Templating {
115113
* Holds if this occurs in generated code as an expression or statement,
116114
* that is, without being enclosed in a string literal or similar.
117115
*/
118-
predicate isInPlainCodeContext() {
119-
this = any(GeneratedCodeExpr e).getPlaceholderTag()
120-
}
116+
predicate isInPlainCodeContext() { this = any(GeneratedCodeExpr e).getPlaceholderTag() }
121117
}
122118

123119
/**
@@ -175,7 +171,7 @@ module Templating {
175171
*/
176172
class TemplateInstantiaton extends DataFlow::Node {
177173
TemplateInstantiaton::Range range;
178-
174+
179175
TemplateInstantiaton() { this = range }
180176

181177
/** Gets a data flow node that refers to the instantiated template string, if any. */
@@ -201,13 +197,13 @@ module Templating {
201197
abstract class Range extends DataFlow::Node {
202198
/** Gets a data flow node that refers to the instantiated template, if any. */
203199
abstract DataFlow::SourceNode getOutput();
204-
200+
205201
/** Gets a data flow node that refers a template file to be instantiated, if any. */
206202
abstract DataFlow::Node getTemplateFileNode();
207-
203+
208204
/** Gets a data flow node that refers to the contents of the template to be instantiated, if any. */
209205
abstract DataFlow::Node getTemplateContentNode();
210-
206+
211207
/** Gets a data flow node that refers to an object whose properties become variables in the template. */
212208
abstract DataFlow::Node getTemplateParamsNode();
213209
}
@@ -291,9 +287,7 @@ module Templating {
291287

292288
/** Get file argument of a template instantiation, seen as a template file reference. */
293289
private class DefaultTemplateFileReference extends TemplateFileReference {
294-
DefaultTemplateFileReference() {
295-
this = any(TemplateInstantiaton inst).getTemplateFileNode()
296-
}
290+
DefaultTemplateFileReference() { this = any(TemplateInstantiaton inst).getTemplateFileNode() }
297291
}
298292

299293
/**
@@ -478,20 +472,18 @@ module Templating {
478472
private class MustacheStyleSyntax extends TemplateSyntax {
479473
MustacheStyleSyntax() { this = "mustache" }
480474

481-
override string getRawInterpolationRegexp() {
482-
result = "(?s)\\{\\{\\{(.*?)\\}\\}\\}"
483-
}
475+
override string getRawInterpolationRegexp() { result = "(?s)\\{\\{\\{(.*?)\\}\\}\\}" }
484476

485-
override string getEscapingInterpolationRegexp() {
486-
result = "(?s)\\{\\{[^{](.*?)\\}\\}"
487-
}
477+
override string getEscapingInterpolationRegexp() { result = "(?s)\\{\\{[^{](.*?)\\}\\}" }
488478

489-
override string getAFileExtension() {
490-
result = "hbs"
491-
}
479+
override string getAFileExtension() { result = "hbs" }
492480

493481
override string getAPackageName() {
494-
result = ["mustache", "handlebars", "hbs", "express-hbs", "swig", "swig-templates", "hogan", "hogan.js", "nunjucks"]
482+
result =
483+
[
484+
"mustache", "handlebars", "hbs", "express-hbs", "swig", "swig-templates", "hogan",
485+
"hogan.js", "nunjucks"
486+
]
495487
}
496488
}
497489

@@ -502,21 +494,13 @@ module Templating {
502494
private class EjsStyleSyntax extends TemplateSyntax {
503495
EjsStyleSyntax() { this = "ejs" }
504496

505-
override string getRawInterpolationRegexp() {
506-
result = "(?s)<%-(.*?)%>"
507-
}
497+
override string getRawInterpolationRegexp() { result = "(?s)<%-(.*?)%>" }
508498

509-
override string getEscapingInterpolationRegexp() {
510-
result = "(?s)<%=(.*?)%>"
511-
}
499+
override string getEscapingInterpolationRegexp() { result = "(?s)<%=(.*?)%>" }
512500

513-
override string getAFileExtension() {
514-
result = "ejs"
515-
}
501+
override string getAFileExtension() { result = "ejs" }
516502

517-
override string getAPackageName() {
518-
result = "ejs"
519-
}
503+
override string getAPackageName() { result = "ejs" }
520504
}
521505

522506
private TemplateSyntax getOwnTemplateSyntaxInFolder(Folder f) {

javascript/ql/src/semmle/javascript/security/dataflow/Xss.qll

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -386,9 +386,7 @@ module DomBasedXss {
386386
* disabling subsequent HTML escaping.
387387
*/
388388
class SafePipe extends DomBasedXss::Sink {
389-
SafePipe() {
390-
this = Templating::getAPipeCall("safe").getArgument(0)
391-
}
389+
SafePipe() { this = Templating::getAPipeCall("safe").getArgument(0) }
392390
}
393391

394392
/**

0 commit comments

Comments
 (0)