Skip to content

Commit 28dce6e

Browse files
erik-krogherik-krogh
committed
fix non-monotonic recursion in js/missing-rate-limiting 
1 parent 83252e5 commit 28dce6e

File tree

1 file changed

+1
-5
lines changed

1 file changed

+1
-5
lines changed

javascript/ql/lib/semmle/javascript/security/dataflow/MissingRateLimiting.qll

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ private import semmle.javascript.frameworks.ConnectExpressShared::ConnectExpress
2929
/**
3030
* A route handler that should be rate-limited.
3131
*/
32-
abstract class ExpensiveRouteHandler extends HTTP::RouteHandler {
32+
abstract class ExpensiveRouteHandler extends DataFlow::Node {
3333
Express::RouteHandler impl;
3434

3535
ExpensiveRouteHandler() { this = impl }
@@ -42,10 +42,6 @@ abstract class ExpensiveRouteHandler extends HTTP::RouteHandler {
4242
* `referenceLabel` are ignored and should be bound to dummy values.
4343
*/
4444
abstract predicate explain(string explanation, DataFlow::Node reference, string referenceLabel);
45-
46-
override HTTP::HeaderDefinition getAResponseHeader(string name) {
47-
result = impl.getAResponseHeader(name)
48-
}
4945
}
5046

5147
/**

0 commit comments

Comments
 (0)