Move XssConfig to XssQuery.qll

Author: egregius313

java/ql/lib/semmle/code/java/security/XssQuery.qll

@@ -0,0 +1,26 @@
+/** Provides a taint tracking configuration to track cross site scripting. */
+
+import java
+import semmle.code.java.dataflow.FlowSources
+import semmle.code.java.dataflow.TaintTracking
+import semmle.code.java.security.XSS
+
+/**
+ * A taint-tracking configuration for cross site scripting vulnerabilities.
+ */
+module XssConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
+
+  predicate isSink(DataFlow::Node sink) { sink instanceof XssSink }
+
+  predicate isBarrier(DataFlow::Node node) { node instanceof XssSanitizer }
+
+  predicate isBarrierOut(DataFlow::Node node) { node instanceof XssSinkBarrier }
+
+  predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
+    any(XssAdditionalTaintStep s).step(node1, node2)
+  }
+}
+
+/** Tracks flow from remote sources to cross site scripting vulnerabilities. */
+module XssFlow = TaintTracking::Global<XssConfig>;

java/ql/src/Security/CWE/CWE-079/XSS.ql

@@ -12,25 +12,7 @@
  */
 
 import java
-import semmle.code.java.dataflow.FlowSources
-import semmle.code.java.security.XSS
-
-module XssConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
-
-  predicate isSink(DataFlow::Node sink) { sink instanceof XssSink }
-
-  predicate isBarrier(DataFlow::Node node) { node instanceof XssSanitizer }
-
-  predicate isBarrierOut(DataFlow::Node node) { node instanceof XssSinkBarrier }
-
-  predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
-    any(XssAdditionalTaintStep s).step(node1, node2)
-  }
-}
-
-module XssFlow = TaintTracking::Global<XssConfig>;
-
+import semmle.code.java.security.XssQuery
 import XssFlow::PathGraph
 
 from XssFlow::PathNode source, XssFlow::PathNode sink