Improve FPs in react-insecure-request (#3524)
* Improve FPs in react-insecure-request

* Update react-insecure-request.tsx

* Update react-insecure-request.jsx
p4p3r authored Dec 2, 2024
1 parent 2a5cbda commit 4c96619
Showing 3 changed files with 41 additions and 35 deletions.
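--- a/typescript/react/security/react-insecure-request.jsx
+++ b/typescript/react/security/react-insecure-request.jsx
@@ -34,3 +34,6 @@ const options = {
 url: 'https://www.example.com',
 };
 axios(options);
+
+// ok: react-insecure-request
+axios.get('http://localhost/foo');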
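Review bot: The single `ok` case added at the end of this fixture only covers `axios.get`, and the visible lines have no `ruleid` case for a host that merely begins with `localhost`. The rule change also sends `fetch(...)` and the `axios({url: ...})` forms through the same `$URL` check, so a localhost case for each would show the exemption applies uniformly. A boundary case such as `// ruleid: react-insecure-request` above `axios.get('http://localhost.example.com/foo');` (constructed sample) is worth adding; with the rule's current `(?!localhost)` lookahead it would not be reported, which is exactly the gap the test should document. The same applies to the identical addition in react-insecure-request.tsx.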
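--- a/typescript/react/security/react-insecure-request.tsx
+++ b/typescript/react/security/react-insecure-request.tsx
@@ -34,3 +34,6 @@ const options = {
 url: 'https://www.example.com',
 };
 axios(options);
+
+// ok: react-insecure-request
+axios.get('http://localhost/foo');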
70 changes: 35 additions & 35 deletions typescript/react/security/react-insecure-request.yaml
Expand Up @@ -23,39 +23,39 @@ rules:
- typescript
- javascript
severity: ERROR
pattern-either:
- patterns:
patterns:
- pattern-either:
- pattern-inside: |
import $AXIOS from 'axios';
...
$AXIOS.$METHOD(...)
- pattern-inside: |
$AXIOS = require('axios');
...
$AXIOS.$METHOD(...)
- pattern-either:
- pattern: $AXIOS.get("=~/[Hh][Tt][Tt][Pp]:\/\/.*/",...)
- pattern: $AXIOS.post("=~/[Hh][Tt][Tt][Pp]:\/\/.*/",...)
- pattern: $AXIOS.delete("=~/[Hh][Tt][Tt][Pp]:\/\/.*/",...)
- pattern: $AXIOS.head("=~/[Hh][Tt][Tt][Pp]:\/\/.*/",...)
- pattern: $AXIOS.patch("=~/[Hh][Tt][Tt][Pp]:\/\/.*/",...)
- pattern: $AXIOS.put("=~/[Hh][Tt][Tt][Pp]:\/\/.*/",...)
- pattern: $AXIOS.options("=~/[Hh][Tt][Tt][Pp]:\/\/.*/",...)
- patterns:
- pattern-either:
- pattern-inside: |
import $AXIOS from 'axios';
...
$AXIOS(...)
- pattern-inside: |
$AXIOS = require('axios');
...
$AXIOS(...)
- pattern-either:
- pattern: '$AXIOS({url: "=~/[Hh][Tt][Tt][Pp]:\/\/.*/"}, ...)'
- pattern: |
$OPTS = {url: "=~/[Hh][Tt][Tt][Pp]:\/\/.*/"}
...
$AXIOS($OPTS, ...)
- pattern: fetch("=~/[Hh][Tt][Tt][Pp]:\/\/.*/", ...)
- patterns:
- pattern-either:
- pattern-inside: |
import $AXIOS from 'axios';
...
$AXIOS.$METHOD(...)
- pattern-inside: |
$AXIOS = require('axios');
...
$AXIOS.$METHOD(...)
- pattern: $AXIOS.$VERB("$URL",...)
- metavariable-regex:
metavariable: $VERB
regex: ^(get|post|delete|head|patch|put|options)
- patterns:
- pattern-either:
- pattern-inside: |
import $AXIOS from 'axios';
...
$AXIOS(...)
- pattern-inside: |
$AXIOS = require('axios');
...
$AXIOS(...)
- pattern-either:
- pattern: '$AXIOS({url: "$URL"}, ...)'
- pattern: |
$OPTS = {url: "$URL"}
...
$AXIOS($OPTS, ...)
- pattern: fetch("$URL", ...)
- metavariable-regex:
metavariable: $URL
regex: ^([Hh][Tt][Tt][Pp]:\/\/(?!localhost).*)
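Review bot: The `(?!localhost)` lookahead in the final `$URL` regex has no host boundary, so it exempts every URL whose host merely starts with `localhost`, for example `http://localhost.example.com/` (constructed sample), and cleartext requests to such remote hosts would go unreported. Requiring a delimiter after the name closes that gap: `regex: ^([Hh][Tt][Tt][Pp]:\/\/(?!localhost([:\/]|$)).*)`. The exemption is also case-sensitive while the scheme match is not, and loopback literals such as `127.0.0.1` are still reported, which may or may not be intended. Separately, the `$VERB` regex `^(get|post|delete|head|patch|put|options)` has no end anchor, so it matches any method name with one of those prefixes; add `$` if only the seven verbs are meant. Indentation is lost on this page, so the nesting of the two `metavariable-regex` entries cannot be confirmed from here.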
