Ruby: Minor refactor

hmac · hmac · commit 5adcdf1cf8d2 · 2022-02-02T17:32:11.000+13:00
diff --git a/ruby/ql/lib/codeql/ruby/security/UrlRedirectCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UrlRedirectCustomizations.qll
@@ -68,11 +68,7 @@ module UrlRedirect {
           // Otherwise, we have to rely on a heuristic to filter out invulnerable handlers.
           // We exclude any handlers with names containing create/update/destroy, as these are not likely to handle GET requests.
           not exists(method.(ActionControllerActionMethod).getARoute()) and
-          not this.asExpr()
-              .getExpr()
-              .getEnclosingMethod()
-              .getName()
-              .regexpMatch(".*(create|update|destroy).*")
+          not method.getName().regexpMatch(".*(create|update|destroy).*")
         )
       )
     }

Original file line number	Diff line number	Diff line change
`@@ -68,11 +68,7 @@ module UrlRedirect {`
`68`	`68`	`// Otherwise, we have to rely on a heuristic to filter out invulnerable handlers.`
`69`	`69`	`// We exclude any handlers with names containing create/update/destroy, as these are not likely to handle GET requests.`
`70`	`70`	`not exists(method.(ActionControllerActionMethod).getARoute()) and`
`71`		`- not this.asExpr()`
`72`		`- .getExpr()`
`73`		`- .getEnclosingMethod()`
`74`		`- .getName()`
`75`		`- .regexpMatch(".(create\|update\|destroy).")`
	`71`	`+ not method.getName().regexpMatch(".(create\|update\|destroy).")`
`76`	`72`	`)`
`77`	`73`	`)`
`78`	`74`	`}`