Generalize UI5 sources #61
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rvermeulen
force-pushed
the
rvermeulen/generic-sources
branch
from
a3c74fa to
f995666
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -4,7 +4,7 @@ | |||
| // source is ui5-specific | |||
| function ui5loginjectionXss() { | |||
| let value = jQuery.sap.syncGet("url", "param") | |||
| console.info(`[INFO] User: ${value}`); //UI5 log-injection | |||
| console.info(`[INFO] User: ${value}`); // log-injection | |||
Check failure
Code scanning / CodeQL
Log injection
| @@ -1,7 +1,7 @@ | |||
| // source is ui5-specific | |||
| function testXss1() { | |||
| var value = jQuery.sap.syncGet("url", "param") | |||
| $('myId').html(value) //UI5 Xss | |||
| $('myId').html(value) // Xss | |||
Check warning
Code scanning / CodeQL
Client-side cross-site scripting
We currently aren't enabling standard queries to use UI5 remote flow sources. This is changed in this commit where we move the UI5 sources into the generic remote flow source concept to enable all queries to be able to use them. This also means we can no longer differentiate between between the origin of sources, so our UI5 specific queries become more general in that any remote flow source to a UI5 specific sink is reported. This changes the definition of a UI5 specific query such that it is the sink that differentiate it from our standard library query so we can keep providing UI5 specific remediations in the documentation.
rvermeulen
force-pushed
the
rvermeulen/generic-sources
branch
from
f995666 to
20605e2
Compare
|
LGTM |
jeongsoolee09
approved these changes
Oct 9, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We currently aren't enabling standard queries to use UI5 remote flow sources. This is changed in this PR where we move the UI5 sources into the generic remote flow source concept to enable all queries to be able to use them.
This also means we can no longer differentiate between between the origin of sources, so our UI5 specific queries become more general in that any remote flow source to a UI5 specific sink is reported.
This changes the definition of a UI5 specific query such that it is the sink that differentiate it from our standard library query. This allows use to provide UI5 specific remediations in the documentation. Since a remediation will be sink depended this is fine. The use of data (it's context) determines how it must be encoded and that will be UI5 specific.