update expected output for experimental query

erik-krogh · erik-krogh · commit 49f5e89f3673 · 2023-01-23T22:29:49.000+01:00
diff --git a/javascript/ql/test/experimental/Security/CWE-918/SSRF.expected b/javascript/ql/test/experimental/Security/CWE-918/SSRF.expected
@@ -15,20 +15,10 @@ nodes
 | check-path.js:19:13:19:43 | 'test.c ... tainted |
 | check-path.js:19:27:19:43 | req.query.tainted |
 | check-path.js:19:27:19:43 | req.query.tainted |
-| check-path.js:22:13:22:63 | 'test.c ... ainted) |
-| check-path.js:22:13:22:63 | 'test.c ... ainted) |
-| check-path.js:22:27:22:63 | encodeU ... ainted) |
-| check-path.js:22:46:22:62 | req.query.tainted |
-| check-path.js:22:46:22:62 | req.query.tainted |
 | check-path.js:23:13:23:45 | `/addre ... inted}` |
 | check-path.js:23:13:23:45 | `/addre ... inted}` |
 | check-path.js:23:27:23:43 | req.query.tainted |
 | check-path.js:23:27:23:43 | req.query.tainted |
-| check-path.js:24:13:24:65 | `/addre ... nted)}` |
-| check-path.js:24:13:24:65 | `/addre ... nted)}` |
-| check-path.js:24:27:24:63 | encodeU ... ainted) |
-| check-path.js:24:46:24:62 | req.query.tainted |
-| check-path.js:24:46:24:62 | req.query.tainted |
 | check-path.js:33:15:33:45 | 'test.c ... tainted |
 | check-path.js:33:15:33:45 | 'test.c ... tainted |
 | check-path.js:33:29:33:45 | req.query.tainted |
@@ -97,18 +87,10 @@ edges
 | check-path.js:19:27:19:43 | req.query.tainted | check-path.js:19:13:19:43 | 'test.c ... tainted |
 | check-path.js:19:27:19:43 | req.query.tainted | check-path.js:19:13:19:43 | 'test.c ... tainted |
 | check-path.js:19:27:19:43 | req.query.tainted | check-path.js:19:13:19:43 | 'test.c ... tainted |
-| check-path.js:22:27:22:63 | encodeU ... ainted) | check-path.js:22:13:22:63 | 'test.c ... ainted) |
-| check-path.js:22:27:22:63 | encodeU ... ainted) | check-path.js:22:13:22:63 | 'test.c ... ainted) |
-| check-path.js:22:46:22:62 | req.query.tainted | check-path.js:22:27:22:63 | encodeU ... ainted) |
-| check-path.js:22:46:22:62 | req.query.tainted | check-path.js:22:27:22:63 | encodeU ... ainted) |
 | check-path.js:23:27:23:43 | req.query.tainted | check-path.js:23:13:23:45 | `/addre ... inted}` |
 | check-path.js:23:27:23:43 | req.query.tainted | check-path.js:23:13:23:45 | `/addre ... inted}` |
 | check-path.js:23:27:23:43 | req.query.tainted | check-path.js:23:13:23:45 | `/addre ... inted}` |
 | check-path.js:23:27:23:43 | req.query.tainted | check-path.js:23:13:23:45 | `/addre ... inted}` |
-| check-path.js:24:27:24:63 | encodeU ... ainted) | check-path.js:24:13:24:65 | `/addre ... nted)}` |
-| check-path.js:24:27:24:63 | encodeU ... ainted) | check-path.js:24:13:24:65 | `/addre ... nted)}` |
-| check-path.js:24:46:24:62 | req.query.tainted | check-path.js:24:27:24:63 | encodeU ... ainted) |
-| check-path.js:24:46:24:62 | req.query.tainted | check-path.js:24:27:24:63 | encodeU ... ainted) |
 | check-path.js:33:29:33:45 | req.query.tainted | check-path.js:33:15:33:45 | 'test.c ... tainted |
 | check-path.js:33:29:33:45 | req.query.tainted | check-path.js:33:15:33:45 | 'test.c ... tainted |
 | check-path.js:33:29:33:45 | req.query.tainted | check-path.js:33:15:33:45 | 'test.c ... tainted |
@@ -167,9 +149,7 @@ edges
 | check-domain.js:26:15:26:27 | req.query.url | check-domain.js:26:15:26:27 | req.query.url | check-domain.js:26:15:26:27 | req.query.url | The URL of this request depends on a user-provided value. |
 | check-middleware.js:9:13:9:43 | "test.c ... tainted | check-middleware.js:9:27:9:43 | req.query.tainted | check-middleware.js:9:13:9:43 | "test.c ... tainted | The URL of this request depends on a user-provided value. |
 | check-path.js:19:13:19:43 | 'test.c ... tainted | check-path.js:19:27:19:43 | req.query.tainted | check-path.js:19:13:19:43 | 'test.c ... tainted | The URL of this request depends on a user-provided value. |
-| check-path.js:22:13:22:63 | 'test.c ... ainted) | check-path.js:22:46:22:62 | req.query.tainted | check-path.js:22:13:22:63 | 'test.c ... ainted) | The URL of this request depends on a user-provided value. |
 | check-path.js:23:13:23:45 | `/addre ... inted}` | check-path.js:23:27:23:43 | req.query.tainted | check-path.js:23:13:23:45 | `/addre ... inted}` | The URL of this request depends on a user-provided value. |
-| check-path.js:24:13:24:65 | `/addre ... nted)}` | check-path.js:24:46:24:62 | req.query.tainted | check-path.js:24:13:24:65 | `/addre ... nted)}` | The URL of this request depends on a user-provided value. |
 | check-path.js:33:15:33:45 | 'test.c ... tainted | check-path.js:33:29:33:45 | req.query.tainted | check-path.js:33:15:33:45 | 'test.c ... tainted | The URL of this request depends on a user-provided value. |
 | check-path.js:37:15:37:45 | 'test.c ... tainted | check-path.js:37:29:37:45 | req.query.tainted | check-path.js:37:15:37:45 | 'test.c ... tainted | The URL of this request depends on a user-provided value. |
 | check-path.js:45:13:45:44 | `${base ... inted}` | check-path.js:45:26:45:42 | req.query.tainted | check-path.js:45:13:45:44 | `${base ... inted}` | The URL of this request depends on a user-provided value. |
diff --git a/javascript/ql/test/experimental/Security/CWE-918/check-path.js b/javascript/ql/test/experimental/Security/CWE-918/check-path.js
@@ -19,9 +19,9 @@ app.get('/check-with-axios', req => {
   axios.get('test.com/' + req.query.tainted); // SSRF
   axios.get('test.com/' + Number(req.query.tainted)); // OK
   axios.get('test.com/' + req.user.id); // OK
-  axios.get('test.com/' + encodeURIComponent(req.query.tainted)); // SSRF
+  axios.get('test.com/' + encodeURIComponent(req.query.tainted)); // OK
   axios.get(`/addresses/${req.query.tainted}`); // SSRF
-  axios.get(`/addresses/${encodeURIComponent(req.query.tainted)}`); // SSRF
+  axios.get(`/addresses/${encodeURIComponent(req.query.tainted)}`); // OK
   
   if (Number.isInteger(req.query.tainted)) {
     axios.get('test.com/' + req.query.tainted); // OK
