Skip to content

Commit d86fe71

Browse files
GeekMasherGeekMasher
committed
feat(queries): Add CORS queries
1 parent a33b213 commit d86fe71

13 files changed

+62
-0
lines changed

ql/queries/security/CWE-942/InsecureCorsAllHeaders.ql

Whitespace-only changes.

ql/queries/security/CWE-942/InsecureCorsAllMethods.ql

Whitespace-only changes.

ql/queries/security/CWE-942/InsecureCorsAllowCredentialsWildcard.ql

Whitespace-only changes.

ql/queries/security/CWE-942/InsecureCorsWildcardOrigin.ql

Whitespace-only changes.

ql/test/queries-tests/security/CWE-942/InsecureCorsAllHeaders.expected

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
| app.bicep:42:27:42:33 | Array | CORS policy allows all headers ("*"), which can increase attack surface. |

ql/test/queries-tests/security/CWE-942/InsecureCorsAllHeaders.qlref

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
security/CWE-942/InsecureCorsAllHeaders.ql

ql/test/queries-tests/security/CWE-942/InsecureCorsAllMethods.expected

Whitespace-only changes.

ql/test/queries-tests/security/CWE-942/InsecureCorsAllMethods.qlref

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
security/CWE-942/InsecureCorsAllMethods.ql

ql/test/queries-tests/security/CWE-942/InsecureCorsAllowCredentialsWildcard.expected

Whitespace-only changes.

ql/test/queries-tests/security/CWE-942/InsecureCorsAllowCredentialsWildcard.qlref

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
security/CWE-942/InsecureCorsAllowCredentialsWildcard.ql

0 commit comments

Comments
 (0)