@@ -288,6 +288,9 @@ module Routing {
288288 * Gets a node whose value can be accessed via the given access path on the `n`th route handler parameter,
289289 * from any route handler that follows after this one.
290290 *
291+ * This predicate may be overridden by framework models and only accounts for assignments made by the framework;
292+ * not necessarily assignments that are explicit in the application code.
293+ *
291294 * For example, in the context of Express, the `app` object is available as `req.app`:
292295 * ```js
293296 * app.get('/', (req, res) => {
@@ -296,10 +299,8 @@ module Routing {
296299 * ```
297300 * This can be modelled by mapping `(0, "app")` to the `app` data-flow node (`n=0` corresponds
298301 * to the `req` parameter).
299- *
300- * This predicate may be overridden by framework models.
301302 */
302- DataFlow:: Node getValueAtAccessPath ( int n , string path ) { none ( ) }
303+ DataFlow:: Node getValueImplicitlyStoredInAccessPath ( int n , string path ) { none ( ) }
303304 }
304305
305306 /** Holds if `pred` and `succ` are adjacent siblings. */
@@ -875,7 +876,9 @@ module Routing {
875876 )
876877 or
877878 // Implicit assignment contributed by framework model
878- exists ( DataFlow:: Node value , string path1 | value = base .getValueAtAccessPath ( n , path1 ) |
879+ exists ( DataFlow:: Node value , string path1 |
880+ value = base .getValueImplicitlyStoredInAccessPath ( n , path1 )
881+ |
879882 result = value and path = path1
880883 or
881884 exists ( string path2 |
0 commit comments