Add taint for URLRequest fields

Author: atorralba

swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Url.qll

@@ -15,6 +15,19 @@ private class UriFieldsInheritTaint extends TaintInheritingContent, DataFlow::Co
   UriFieldsInheritTaint() { this.getField().getEnclosingDecl() instanceof UrlDecl }
 }
 
+/**
+ * A content implying that, if a `URLRequest` is tainted, then its fields `url`, `httpBody`,
+ * `httpBodyStream`, `mainDocument` and `allHTTPHeaderFields` are tainted.
+ */
+private class UrlRequestFieldsInheritTaint extends TaintInheritingContent,
+  DataFlow::Content::FieldContent {
+  UrlRequestFieldsInheritTaint() {
+    this.getField().getEnclosingDecl().(NominalTypeDecl).getName() = "URLRequest" and
+    this.getField().getName() =
+      ["url", "httpBody", "httpBodyStream", "mainDocument", "allHTTPHeaderFields"]
+  }
+}
+
 /**
  * A model for `URL` members that are sources of remote flow.
  */