Skip to content

Commit 81e372d

Browse files
committed
Formatting changes
1 parent a64fc2b commit 81e372d

4 files changed

Lines changed: 10 additions & 29 deletions

File tree

java/ql/src/Security/CWE/CWE-346/UnvalidatedCors.java

Lines changed: 3 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -12,9 +12,7 @@
1212
import org.apache.commons.lang3.StringUtils;
1313

1414
public class CorsFilter implements Filter {
15-
public void init(FilterConfig filterConfig) throws ServletException {
16-
// init
17-
}
15+
public void init(FilterConfig filterConfig) throws ServletException {}
1816

1917
public void doFilter(ServletRequest req, ServletResponse res,
2018
FilterChain chain) throws IOException, ServletException {
@@ -23,7 +21,7 @@ public void doFilter(ServletRequest req, ServletResponse res,
2321
String url = request.getHeader("Origin");
2422

2523
if (!StringUtils.isEmpty(url)) {
26-
String val = response.getHeader("Access-Control-Allow-Origin");
24+
String val = response.getHeader("Access-Control-Allow-Origin"); // BAD -> User controlled CORS header.
2725

2826
if (StringUtils.isEmpty(val)) {
2927
response.addHeader("Access-Control-Allow-Origin", url);
@@ -34,7 +32,5 @@ public void doFilter(ServletRequest req, ServletResponse res,
3432
chain.doFilter(req, res);
3533
}
3634

37-
public void destroy() {
38-
// destroy
39-
}
35+
public void destroy() {}
4036
}

java/ql/src/Security/CWE/CWE-346/UnvalidatedCors.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ predicate checkAccessControlAllowOriginHeader(Expr expr) {
2828
}
2929

3030
class CorsOriginConfig extends TaintTracking::Configuration {
31-
CorsOriginConfig() { this = "CORSOriginConfig" }
31+
CorsOriginConfig() { this = "CorsOriginConfig" }
3232

3333
override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
3434

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
edges
2-
| UnvalidatedCors.java:34:22:34:48 | getHeader(...) : String | UnvalidatedCors.java:40:67:40:69 | url |
2+
| UnvalidatedCors.java:21:22:21:48 | getHeader(...) : String | UnvalidatedCors.java:27:67:27:69 | url |
33
nodes
4-
| UnvalidatedCors.java:34:22:34:48 | getHeader(...) : String | semmle.label | getHeader(...) : String |
5-
| UnvalidatedCors.java:40:67:40:69 | url | semmle.label | url |
4+
| UnvalidatedCors.java:21:22:21:48 | getHeader(...) : String | semmle.label | getHeader(...) : String |
5+
| UnvalidatedCors.java:27:67:27:69 | url | semmle.label | url |
66
#select
7-
| UnvalidatedCors.java:40:67:40:69 | url | UnvalidatedCors.java:34:22:34:48 | getHeader(...) : String | UnvalidatedCors.java:40:67:40:69 | url | Cors header is being set using user controlled value $@. | UnvalidatedCors.java:34:22:34:48 | getHeader(...) | user-provided value |
7+
| UnvalidatedCors.java:27:67:27:69 | url | UnvalidatedCors.java:21:22:21:48 | getHeader(...) : String | UnvalidatedCors.java:27:67:27:69 | url | Cors header is being set using user controlled value $@. | UnvalidatedCors.java:21:22:21:48 | getHeader(...) | user-provided value |

java/ql/test/query-tests/security/CWE-346/UnvalidatedCors.java

Lines changed: 2 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,3 @@
1-
package com.mossle.core.servlet;
2-
31
import java.io.IOException;
42

53
import javax.servlet.Filter;
@@ -13,19 +11,8 @@
1311

1412
import org.apache.commons.lang3.StringUtils;
1513

16-
/**
17-
* <pre>
18-
* <script>
19-
* $(function () {
20-
* $.ajaxSetup({crossDomain: true, xhrFields: {withCredentials: true}});
21-
* });
22-
* </script>
23-
* </pre>
24-
*/
2514
public class UnvalidatedCors implements Filter {
26-
public void init(FilterConfig filterConfig) throws ServletException {
27-
// init
28-
}
15+
public void init(FilterConfig filterConfig) throws ServletException {}
2916

3017
public void doFilter(ServletRequest req, ServletResponse res,
3118
FilterChain chain) throws IOException, ServletException {
@@ -45,8 +32,6 @@ public void doFilter(ServletRequest req, ServletResponse res,
4532
chain.doFilter(req, res);
4633
}
4734

48-
public void destroy() {
49-
// destroy
50-
}
35+
public void destroy() {}
5136
}
5237

0 commit comments

Comments
 (0)