Rename Razor Page class to Razor View class

joefarebrother · joefarebrother · commit f24c042d0424 · 2023-11-23T10:56:45.000Z
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/Razor.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/Razor.qll
@@ -64,11 +64,11 @@ private class ViewCall extends MethodCall {
   boolean hasArea() { if exists(this.getAreaName()) then result = true else result = false }
 }
 
-/** A compiler-generated Razor page. */
-class RazorPageClass extends Class {
+/** A compiler-generated Razor page from a `.cshtml` file. */
+class RazorViewClass extends Class {
   AssemblyAttribute attr;
 
-  RazorPageClass() {
+  RazorViewClass() {
     exists(Class baseClass | baseClass = this.getBaseClass().getUnboundDeclaration() |
       baseClass.hasQualifiedName("Microsoft.AspNetCore.Mvc.Razor", "RazorPage<>")
       or
@@ -103,7 +103,7 @@ private string getARazorPathPrefix() {
 }
 
 private class ViewCallJumpNode extends DataFlow::NonLocalJumpNode {
-  RazorPageClass rp;
+  RazorViewClass rp;
 
   ViewCallJumpNode() {
     exists(ViewCall vc |
@@ -122,23 +122,23 @@ private class ViewCallJumpNode extends DataFlow::NonLocalJumpNode {
   }
 }
 
-private predicate viewCallRefersToPage(ViewCall vc, RazorPageClass rp) {
+private predicate viewCallRefersToPage(ViewCall vc, RazorViewClass rp) {
   viewCallRefersToPageAbsolute(vc, rp) or
   viewCallRefersToPageRelative(vc, rp)
 }
 
 bindingset[path]
 private string stripTilde(string path) { result = path.regexpReplaceAll("^~/", "/") }
 
-private predicate viewCallRefersToPageAbsolute(ViewCall vc, RazorPageClass rp) {
+private predicate viewCallRefersToPageAbsolute(ViewCall vc, RazorViewClass rp) {
   getARazorPathPrefix() + ["/", ""] + stripTilde(vc.getNameArgument()) = rp.getSourceFilepath()
 }
 
-private predicate viewCallRefersToPageRelative(ViewCall vc, RazorPageClass rp) {
-  rp = min(int i, RazorPageClass rp2 | matchesViewCallWithIndex(vc, rp2, i) | rp2 order by i)
+private predicate viewCallRefersToPageRelative(ViewCall vc, RazorViewClass rp) {
+  rp = min(int i, RazorViewClass rp2 | matchesViewCallWithIndex(vc, rp2, i) | rp2 order by i)
 }
 
-private predicate matchesViewCallWithIndex(ViewCall vc, RazorPageClass rp, int i) {
+private predicate matchesViewCallWithIndex(ViewCall vc, RazorViewClass rp, int i) {
   exists(RelativeViewCallFilepath fp |
     fp.hasViewCallWithIndex(vc, i) and
     getARazorPathPrefix() + fp.getNormalizedPath() = rp.getSourceFilepath()
diff --git a/csharp/ql/src/change-notes/2023-10-24-xss-flow-steps.md b/csharp/ql/src/change-notes/2023-10-24-xss-flow-steps.md
@@ -1,4 +1,4 @@
 ---
 category: minorAnalysis
 ---
-* Modelled additional flow steps to track flow from a `View` call in an MVC controller to the corresponding Razor page, which may result in additional results for queries such as `cs/web/xss`.
+* Modelled additional flow steps to track flow from a `View` call in an MVC controller to the corresponding Razor View (`.cshtml`) file, which may result in additional results for queries such as `cs/web/xss`.
