JS: Accept a spurious alert

asgerf · asgerf · commit 1b8fa20d7299 · 2025-02-25T17:29:22.000+01:00
Unlike the previous case 'isLocalUrl' actually resolves to a function in this case, but we don't recognise the sanitiser used in it. Fixing it is out of scope for this PR.
diff --git a/javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/ServerSideUrlRedirectGood2.js b/javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/ServerSideUrlRedirectGood2.js
@@ -15,7 +15,7 @@ app.get("/redirect", function (req, res) {
   // OK - check that we don't redirect to a different host
   let target = req.query["target"];
   if (isLocalUrl(target)) {
-    res.redirect(target);
+    res.redirect(target); // $ SPURIOUS: Alert - sanitiser not recognised
   } else {
     res.redirect("/");
   }

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ app.get("/redirect", function (req, res) {`
`15`	`15`	`// OK - check that we don't redirect to a different host`
`16`	`16`	`let target = req.query["target"];`
`17`	`17`	`if (isLocalUrl(target)) {`
`18`		`- res.redirect(target);`
	`18`	`+ res.redirect(target); // $ SPURIOUS: Alert - sanitiser not recognised`
`19`	`19`	`} else {`
`20`	`20`	`res.redirect("/");`
`21`	`21`	`}`