Skip to content

Commit 812abea

Browse files
KwstubbsKwstubbs
committed
change-notes
1 parent 0420d25 commit 812abea

File tree

3 files changed

+10
-0
lines changed

3 files changed

+10
-0
lines changed

python/ql/lib/semmle/python/frameworks/FastApi.qll

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,9 @@ module FastApi {
3636
private class AddMiddlewareCall extends DataFlow::CallCfgNode {
3737
AddMiddlewareCall() { this = App::instance().getMember("add_middleware").getACall() }
3838

39+
/**
40+
* Gets the string corresponding to the middleware
41+
*/
3942
string middleware_name() { result = this.getArg(0).asExpr().(Name).toString() }
4043
}
4144

python/ql/lib/semmle/python/frameworks/Starlette.qll

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,9 @@ module Starlette {
4444
this = [App::instance().getMember("add_middleware").getACall(), Middleware::instance()]
4545
}
4646

47+
/**
48+
* Gets the string corresponding to the middleware
49+
*/
4750
string middleware_name() { result = this.getArg(0).asExpr().(Name).toString() }
4851
}
4952

python/ql/src/change-notes/2024-08-26-Cors-misconfiguration-middleware.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
---
2+
category: newQuery
3+
---
4+
* The `py/insecure-cors-setting` query, which finds insecure CORS middleware configurations.

0 commit comments

Comments
 (0)