swift-webview-config-allows-js-open-windows-swift

ESS-ENN · ESS-ENN · commit 047b1ebbc71c · 2024-10-22T18:36:31.000+05:30
diff --git a/rules/swift/security/swift-webview-config-allows-js-open-windows-swift.yml b/rules/swift/security/swift-webview-config-allows-js-open-windows-swift.yml
@@ -0,0 +1,62 @@
+id: swift-webview-config-allows-js-open-windows-swift
+language: swift
+severity: warning
+message: >-
+  Webviews were observed that explictly allow JavaScript in an WKWebview
+  to open windows automatically. Consider disabling this functionality if
+  not required, following the principle of least privelege.
+note: >-
+  [CWE-272]: Least Privilege Violation
+  [REFERENCES]
+       https://mas.owasp.org/MASVS/controls/MASVS-PLATFORM-2/
+       https://developer.apple.com/documentation/webkit/wkpreferences/1536573-javascriptcanopenwindowsautomati
+utils:
+  match_JavaScriptCanOpenWindowsAutomatically:
+    kind: assignment
+    all:
+      - has:
+          stopBy: end
+          kind: navigation_expression
+          has:
+            stopBy: end
+            kind: simple_identifier
+            pattern: $R
+      - has:
+          stopBy: end
+          kind: navigation_suffix
+          has:
+            stopBy: end
+            kind: simple_identifier
+            regex: "^JavaScriptCanOpenWindowsAutomatically$"
+      - has:
+          kind: boolean_literal
+          regex: "^true$"
+      - follows:
+          stopBy: end
+          kind: property_declaration
+          has:
+            stopBy: end
+            kind: pattern
+            has:
+              kind: simple_identifier
+              pattern: $R
+      - not:
+          precedes:
+            stopBy: neighbor
+            kind: assignment
+            has:
+              stopBy: end
+              kind: boolean_literal
+              regex: "^true$|false"
+      - not:
+          follows:
+            stopBy: neighbor
+            kind: assignment
+            has:
+              stopBy: end
+              kind: boolean_literal
+              regex: "^true"
+
+rule:
+  any:
+    - matches: match_JavaScriptCanOpenWindowsAutomatically
diff --git a/tests/__snapshots__/swift-webview-config-allows-js-open-windows-swift-snapshot.yml b/tests/__snapshots__/swift-webview-config-allows-js-open-windows-swift-snapshot.yml
@@ -0,0 +1,42 @@
+id: swift-webview-config-allows-js-open-windows-swift
+snapshots:
+  ? |
+    let prefs = WKPreferences()
+    prefs.JavaScriptCanOpenWindowsAutomatically  = true
+  : labels:
+    - source: prefs.JavaScriptCanOpenWindowsAutomatically  = true
+      style: primary
+      start: 28
+      end: 79
+    - source: prefs
+      style: secondary
+      start: 28
+      end: 33
+    - source: prefs.JavaScriptCanOpenWindowsAutomatically
+      style: secondary
+      start: 28
+      end: 71
+    - source: JavaScriptCanOpenWindowsAutomatically
+      style: secondary
+      start: 34
+      end: 71
+    - source: .JavaScriptCanOpenWindowsAutomatically
+      style: secondary
+      start: 33
+      end: 71
+    - source: 'true'
+      style: secondary
+      start: 75
+      end: 79
+    - source: prefs
+      style: secondary
+      start: 4
+      end: 9
+    - source: prefs
+      style: secondary
+      start: 4
+      end: 9
+    - source: let prefs = WKPreferences()
+      style: secondary
+      start: 0
+      end: 27
diff --git a/tests/swift/swift-webview-config-allows-js-open-windows-swift-test.yml b/tests/swift/swift-webview-config-allows-js-open-windows-swift-test.yml
@@ -0,0 +1,10 @@
+id: swift-webview-config-allows-js-open-windows-swift
+valid:
+  - |
+    let prefs2 = WKPreferences()
+    prefs2.JavaScriptCanOpenWindowsAutomatically  = true
+    prefs2.JavaScriptCanOpenWindowsAutomatically  = false
+invalid:
+  - |
+    let prefs = WKPreferences()
+    prefs.JavaScriptCanOpenWindowsAutomatically  = true
