Skip to content

Commit

Permalink
Remove experimental versions
Browse files Browse the repository at this point in the history
  • Loading branch information
joefarebrother committed Jul 17, 2024
1 parent 935533b commit 4322665
Show file tree
Hide file tree
Showing 9 changed files with 0 additions and 288 deletions.
15 changes: 0 additions & 15 deletions python/ql/src/experimental/Security/CWE-614/InsecureCookie.py

This file was deleted.

31 changes: 0 additions & 31 deletions python/ql/src/experimental/Security/CWE-614/InsecureCookie.qhelp

This file was deleted.

31 changes: 0 additions & 31 deletions python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql

This file was deleted.

1 change: 0 additions & 1 deletion python/ql/src/experimental/semmle/python/Frameworks.qll
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@

private import experimental.semmle.python.frameworks.AsyncSsh
private import experimental.semmle.python.frameworks.Stdlib
private import experimental.semmle.python.frameworks.Flask
private import experimental.semmle.python.frameworks.Django
private import experimental.semmle.python.frameworks.LDAP
private import experimental.semmle.python.frameworks.Netmiko
Expand Down
67 changes: 0 additions & 67 deletions python/ql/src/experimental/semmle/python/frameworks/Django.qll
Original file line number Diff line number Diff line change
Expand Up @@ -87,73 +87,6 @@ private module ExperimentalPrivateDjango {
or
result = baseClassRef().getReturn().getAMember()
}

/**
* Gets a call to `set_cookie()`.
*
* Given the following example:
*
* ```py
* def django_response(request):
* resp = django.http.HttpResponse()
* resp.set_cookie("name", "value", secure=True, httponly=True, samesite='Lax')
* return resp
* ```
*
* * `this` would be `resp.set_cookie("name", "value", secure=False, httponly=False, samesite='None')`.
* * `getName()`'s result would be `"name"`.
* * `getValue()`'s result would be `"value"`.
* * `isSecure()` predicate would succeed.
* * `isHttpOnly()` predicate would succeed.
* * `isSameSite()` predicate would succeed.
*/
class DjangoResponseSetCookieCall extends DataFlow::MethodCallNode,
Http::Server::CookieWrite::Range
{
DjangoResponseSetCookieCall() {
this.calls(PrivateDjango::DjangoImpl::DjangoHttp::Response::HttpResponse::instance(),
"set_cookie")
}

override DataFlow::Node getNameArg() {
result in [this.getArg(0), this.getArgByName("key")]
}

override DataFlow::Node getValueArg() {
result in [this.getArg(1), this.getArgByName("value")]
}

override predicate hasSecureFlag(boolean b) {
if
DataFlow::exprNode(any(True t))
.(DataFlow::LocalSourceNode)
.flowsTo(this.(DataFlow::CallCfgNode).getArgByName("secure"))
then b = true
else b = false
}

override predicate hasHttpOnlyFlag(boolean b) {
if
DataFlow::exprNode(any(True t))
.(DataFlow::LocalSourceNode)
.flowsTo(this.(DataFlow::CallCfgNode).getArgByName("httponly"))
then b = true
else b = false
}

// override predicate hasSameSiteFlag(boolean b) {
// if
// exists(StringLiteral str |
// str.getText() in ["Strict", "Lax"] and
// DataFlow::exprNode(str)
// .(DataFlow::LocalSourceNode)
// .flowsTo(this.(DataFlow::CallCfgNode).getArgByName("samesite"))
// )
// then b = true
// else b = false
// }
override DataFlow::Node getHeaderArg() { none() }
}
}
}
}
Expand Down
72 changes: 0 additions & 72 deletions python/ql/src/experimental/semmle/python/frameworks/Flask.qll

This file was deleted.

This file was deleted.

This file was deleted.

This file was deleted.

0 comments on commit 4322665

Please sign in to comment.