Move BrowserInjectionFieldQuery's dataflow config to qll file to resolve compiler warning about unused isAdditionalLoadStep

Jami Cogswell · Jami Cogswell · commit 88177cada44c · 2025-04-29T12:51:30.000-04:00
diff --git a/javascript/lib/browserextension/BrowserInjectionFieldQuery.qll b/javascript/lib/browserextension/BrowserInjectionFieldQuery.qll
@@ -0,0 +1,47 @@
+ import javascript
+ private import browserextension.BrowserInjectionFieldCustomizations::BrowserInjection
+ private import semmle.javascript.security.dataflow.XssThroughDomCustomizations::XssThroughDom as XssThroughDom
+
+ //private import semmle.javascript.security.dataflow.DomBasedXssCustomizations
+ //private import semmle.javascript.security.dataflow.XssThroughDomCustomizations::XssThroughDom as XssThroughDom
+
+ //private import semmle.javascript.security.dataflow.CodeInjectionCustomizations
+
+   module Config implements DataFlow::ConfigSig {
+
+    predicate isSource(DataFlow::Node source) {
+       source instanceof Source
+     }
+
+    predicate isSink(DataFlow::Node sink) {
+       sink instanceof Sink
+     }
+
+    additional predicate isAdditionalLoadStep(DataFlow::Node pred, DataFlow::Node succ, string prop) {
+       (pred = succ) and
+       ((pred instanceof Update and prop = ["url", "openerTabId"])
+       or
+       (pred instanceof DownloadsDangerous and prop = ["body", "conflictAction","filename", "url", "method"])
+       or
+       (pred instanceof Delete and prop = ["startTime", "endTime", "url"])
+       //or
+       //(pred instanceof SetContentSettings and succ instanceof SetContentSettings and prop = any(string s))
+       //or
+       //(pred instanceof GetContentSettings and succ instanceof GetContentSettings and prop = any(string s))
+        //(pred instanceof StorageSet and succ instanceof StorageSet and prop = any(string s))
+       //or
+       //(pred instanceof SearchHistory and prop = any(string s))
+       or
+       (pred instanceof GetCookie and prop = ["domain", "firstPartyDomain", "name", "url", "session", "path", "storeId"])
+       or
+       (pred instanceof UpdateBookmarks and prop= ["title", "url"])
+       or
+       (pred = succ and pred instanceof RemoveBrowsingData and prop = ["cookieStoreId", "hostnames", "originTypes", "since"])
+       or
+       (pred = succ and pred instanceof AddHistory and prop = ["url"])
+       or
+       (pred = succ and pred instanceof CreateWindows and prop = ["url"]))
+     }
+   }
+
+   module ConfigFlow = TaintTracking::Global<Config>;
diff --git a/javascript/src/audit/browserAPI/BrowserInjectionFieldQuery.ql b/javascript/src/audit/browserAPI/BrowserInjectionFieldQuery.ql
@@ -12,54 +12,7 @@
 
  import javascript
  import ConfigFlow::PathGraph
- import DataFlow
- import browserextension.BrowserInjectionFieldCustomizations::BrowserInjection
- private import semmle.javascript.security.dataflow.XssThroughDomCustomizations::XssThroughDom as XssThroughDom
-
- //private import semmle.javascript.security.dataflow.DomBasedXssCustomizations
- //private import semmle.javascript.security.dataflow.XssThroughDomCustomizations::XssThroughDom as XssThroughDom
-
- //private import semmle.javascript.security.dataflow.CodeInjectionCustomizations
-
-   module Config implements DataFlow::ConfigSig {
-
-    predicate isSource(DataFlow::Node source) {
-       source instanceof Source
-     }
-
-    predicate isSink(DataFlow::Node sink) {
-       sink instanceof Sink
-     }
-
-    additional predicate isAdditionalLoadStep(DataFlow::Node pred, DataFlow::Node succ, string prop) {
-       (pred = succ) and
-       ((pred instanceof Update and prop = ["url", "openerTabId"])
-       or
-       (pred instanceof DownloadsDangerous and prop = ["body", "conflictAction","filename", "url", "method"])
-       or
-       (pred instanceof Delete and prop = ["startTime", "endTime", "url"])
-       //or
-       //(pred instanceof SetContentSettings and succ instanceof SetContentSettings and prop = any(string s))
-       //or
-       //(pred instanceof GetContentSettings and succ instanceof GetContentSettings and prop = any(string s))
-        //(pred instanceof StorageSet and succ instanceof StorageSet and prop = any(string s))
-       //or
-       //(pred instanceof SearchHistory and prop = any(string s))
-       or
-       (pred instanceof GetCookie and prop = ["domain", "firstPartyDomain", "name", "url", "session", "path", "storeId"])
-       or
-       (pred instanceof UpdateBookmarks and prop= ["title", "url"])
-       or
-       (pred = succ and pred instanceof RemoveBrowsingData and prop = ["cookieStoreId", "hostnames", "originTypes", "since"])
-       or
-       (pred = succ and pred instanceof AddHistory and prop = ["url"])
-       or
-       (pred = succ and pred instanceof CreateWindows and prop = ["url"]))
-     }
-   }
-
-   module ConfigFlow = TaintTracking::Global<Config>;
-
+ import browserextension.BrowserInjectionFieldQuery
 
    from ConfigFlow::PathNode source, ConfigFlow::PathNode sink
    where ConfigFlow::flowPath(source, sink)
