
Commit 62e2ad5

ESS-ENNSakshis and Sakshis authored
Add Swift UIWebView nil baseURL detection rule and update snapshots (#189)

* removed missing-secure-java
* httponly-false-csharp
* use-of-md5-digest-utils-java
* removing use-of-md5-digest-utils and httponly-false-csharp
* swift-webview-config-base-url-swift
* Removed python-neo4j extra files

---------

Co-authored-by: Sakshis <sakshil@abc.com>
1 parent cc2e5aa commit 62e2ad5

5 files changed: +139 −276 lines changed
Lines changed: 99 additions & 0 deletions
@@ -0,0 +1,99 @@
1+
id: swift-webview-config-base-url-swift
2+
severity: warning
3+
language: swift
4+
message: >-
5+
UIWebView instances were observed where the baseURL is misconfigured as
6+
nil, which allows for origin abuse within the webview. In order to remove
7+
the effective origin, the application should explicitly set the baseURL to
8+
`about:blank` or similar.
9+
note: >-
10+
[CWE-272] Least Privilege Violation.
11+
[REFERENCES]
12+
- https://mas.owasp.org/MASVS/controls/MASVS-PLATFORM-2/
13+
14+
ast-grep-essentials: true
15+
16+
utils:
17+
matches_patttern_loadHTMLString_&_load:
18+
kind: call_expression
19+
all:
20+
- has:
21+
kind: navigation_expression
22+
all:
23+
- has:
24+
kind: simple_identifier
25+
pattern: $W
26+
- has:
27+
kind: navigation_suffix
28+
has:
29+
kind: simple_identifier
30+
regex: ^(loadHTMLString|load)$
31+
- has:
32+
kind: call_suffix
33+
has:
34+
stopBy: end
35+
kind: value_argument
36+
all:
37+
- has:
38+
kind: simple_identifier
39+
regex: "^baseURL$"
40+
- has:
41+
regex: "^nil$"
42+
- any:
43+
- follows:
44+
stopBy: end
45+
kind: property_declaration
46+
all:
47+
- has:
48+
stopBy: end
49+
kind: pattern
50+
has:
51+
stopBy: neighbor
52+
kind: simple_identifier
53+
pattern: $W
54+
- has:
55+
stopBy: neighbor
56+
kind: call_expression
57+
all:
58+
- has:
59+
stopBy: neighbor
60+
kind: simple_identifier
61+
regex: "^UIWebView$"
62+
- has:
63+
stopBy: neighbor
64+
kind: call_suffix
65+
- inside:
66+
stopBy: end
67+
follows:
68+
stopBy: end
69+
kind: property_declaration
70+
all:
71+
- has:
72+
stopBy: end
73+
kind: pattern
74+
has:
75+
stopBy: neighbor
76+
kind: simple_identifier
77+
pattern: $W
78+
- has:
79+
stopBy: neighbor
80+
kind: call_expression
81+
all:
82+
- has:
83+
stopBy: neighbor
84+
kind: simple_identifier
85+
regex: "^UIWebView$"
86+
- has:
87+
stopBy: neighbor
88+
kind: call_suffix
89+
rule:
90+
kind: call_expression
91+
matches: matches_patttern_loadHTMLString_&_load
92+
not:
93+
all:
94+
- has:
95+
stopBy: end
96+
kind: ERROR
97+
- inside:
98+
stopBy: end
99+
kind: ERROR
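Review bot: the `not:` block closing the `rule:` section wraps `all:`, so a match is suppressed only when the call expression both `has` an `ERROR` node and is `inside` one; if the intent is to skip any call touching unparsed code, the usual form is `not: any:` with the same two `has:`/`inside:` children, since either condition alone indicates a broken parse. The util name `matches_patttern_loadHTMLString_&_load` carries a triple-t typo; it is referenced with the same spelling at `matches:` so it resolves, but renaming both occurrences to `matches_pattern_loadHTMLString_&_load` avoids the trap of a later edit fixing only one side. The `note:` cites only `[CWE-272] Least Privilege Violation`; a short sentence on why a `nil` baseURL matters (the loaded content gets no effective origin, so same-origin restrictions do not apply to it) would help triage, as the `message:` currently states the fix but not the risk.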

tests/__snapshots__/python-neo4j-hardcoded-secret-auth-python-snapshot.yml

Lines changed: 0 additions & 276 deletions
This file was deleted.
Lines changed: 2 additions & 0 deletions
@@ -0,0 +1,2 @@
1+
id: swift-webview-config-base-url-swift
2+
snapshots: {}
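Review bot: `snapshots: {}` records no expected matches, so none of the visible files in this commit exercise the new rule; add valid and invalid Swift cases to the rule's test file (an instance declared as `UIWebView()` calling `loadHTMLString(html, baseURL: nil)` that should be flagged, and the same call passing an explicit `URL` or `about:blank` that should not) and regenerate this snapshot so the rule's actual output is captured.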
