JS: Add test to stress flow through properties

Author: asgerf

javascript/ql/test/library-tests/Routing/route-setups.js

@@ -291,3 +291,10 @@ function withForLoop() {
         sink(req.taint); // NOT OK
     });
 }
+
+function routeHandlersInProps() {
+    let routes = require('./routes');
+    const app = express();
+    app.use(routes.first);
+    app.get('/', routes.second);
+}

javascript/ql/test/library-tests/Routing/routes/first.js

@@ -0,0 +1,6 @@
+export default function first(req, res, next) {
+    req.tainted = source();
+    req.safe = 'safe';
+    next();
+}
+

javascript/ql/test/library-tests/Routing/routes/index.js

@@ -0,0 +1,4 @@
+export default {
+    first: require('./first'),
+    second: require('./second'),
+};

javascript/ql/test/library-tests/Routing/routes/second.js

@@ -0,0 +1,4 @@
+export default function second(req, res) {
+    sink(req.tainted); // NOT OK
+    sink(req.safe); // OK
+}