@@ -185,8 +185,8 @@ private string suspicious() {
185
185
result =
186
186
[
187
187
"%password%" , "%passwd%" , "%pwd%" , "%refresh%token%" , "%secret%token" , "%secret%key" ,
188
- "%passcode%" , "%passphrase%" , "%token%" , "%secret%" , "%credential%" , "%userpass%" ,
189
- "%digest%" , "% signature%", "%mac%"
188
+ "%passcode%" , "%passphrase%" , "%token%" , "%secret%" , "%credential%" , "%userpass%" , "%digest%" ,
189
+ "%signature%" , "%mac%"
190
190
]
191
191
}
192
192
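Review bot: In the new list in `suspicious()`, `"%mac%"` looks broad enough to also match unrelated names such as `machine` or `macro`, assuming these strings are used as `%`-wildcard patterns (the call site is not in this hunk). That would add false positives to a query meant to flag secret-bearing values. If the breadth is deliberate, a comment above the entry would record it, e.g. `// NOTE: "%mac%" also matches names like "machine"/"macro"; breadth accepted to catch hmac/mac values`. Separately, `"%refresh%token%"` and `"%secret%token"` are already covered by `"%token%"`, and `"%secret%key"` by `"%secret%"`, so those three entries do not change the result and could be dropped or marked as intentional. The predicate's signature line is outside the hunk.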
@@ -208,7 +208,8 @@ abstract class ClientSuppliedSecret extends API::CallNode { }
208
208
private class FlaskClientSuppliedSecret extends ClientSuppliedSecret {
209
209
FlaskClientSuppliedSecret ( ) {
210
210
this = Flask:: request ( ) .getMember ( "headers" ) .getMember ( [ "get" , "get_all" , "getlist" ] ) .getACall ( ) and
211
- this .getParameter ( 0 , [ "key" , "name" ] ) .asSink ( ) .asExpr ( ) .( StrConst ) .getText ( ) .toLowerCase ( ) = sensitiveheaders ( )
211
+ this .getParameter ( 0 , [ "key" , "name" ] ) .asSink ( ) .asExpr ( ) .( StrConst ) .getText ( ) .toLowerCase ( ) =
212
+ sensitiveheaders ( )
212
213
}
213
214
}
214
215
@@ -219,7 +220,8 @@ private class DjangoClientSuppliedSecret extends ClientSuppliedSecret {
219
220
.getMember ( [ "headers" , "META" ] )
220
221
.getMember ( "get" )
221
222
.getACall ( ) and
222
- this .getParameter ( 0 , "key" ) .asSink ( ) .asExpr ( ) .( StrConst ) .getText ( ) .toLowerCase ( ) = sensitiveheaders ( )
223
+ this .getParameter ( 0 , "key" ) .asSink ( ) .asExpr ( ) .( StrConst ) .getText ( ) .toLowerCase ( ) =
224
+ sensitiveheaders ( )
223
225
}
224
226
}
225
227
@@ -231,7 +233,8 @@ API::Node requesthandler() {
231
233
private class TornadoClientSuppliedSecret extends ClientSuppliedSecret {
232
234
TornadoClientSuppliedSecret ( ) {
233
235
this = requesthandler ( ) .getMember ( [ "headers" , "META" ] ) .getMember ( "get" ) .getACall ( ) and
234
- this .getParameter ( 0 , "key" ) .asSink ( ) .asExpr ( ) .( StrConst ) .getText ( ) .toLowerCase ( ) = sensitiveheaders ( )
236
+ this .getParameter ( 0 , "key" ) .asSink ( ) .asExpr ( ) .( StrConst ) .getText ( ) .toLowerCase ( ) =
237
+ sensitiveheaders ( )
235
238
}
236
239
}
237
240
@@ -244,7 +247,8 @@ private class WerkzeugClientSuppliedSecret extends ClientSuppliedSecret {
244
247
WerkzeugClientSuppliedSecret ( ) {
245
248
this =
246
249
headers ( ) .getMember ( [ "headers" , "META" ] ) .getMember ( [ "get" , "get_all" , "getlist" ] ) .getACall ( ) and
247
- this .getParameter ( 0 , [ "key" , "name" ] ) .asSink ( ) .asExpr ( ) .( StrConst ) .getText ( ) .toLowerCase ( ) = sensitiveheaders ( )
250
+ this .getParameter ( 0 , [ "key" , "name" ] ) .asSink ( ) .asExpr ( ) .( StrConst ) .getText ( ) .toLowerCase ( ) =
251
+ sensitiveheaders ( )
248
252
}
249
253
}
250
254