Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

C#: Blazor: Support string literals as property names in jump nodes #19145

Merged
merged 7 commits into from
Apr 3, 2025
Merged

C#: Blazor: Support string literals as property names in jump nodes #19145

merged 7 commits into from
Apr 3, 2025

Conversation

tamasvajk
Copy link
Contributor

@tamasvajk tamasvajk commented Mar 28, 2025
edited
Loading

Continuation of #18957.

Older versions of Blazor used a string literal instead of a nameof expression in order to specify the property being set. Therefore, it is necessary to modify the corresponding jump node in order to model the steps correctly.

github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 28, 2025
View reviewed changes
csharp/ql/integration-tests/all-platforms/blazor/XSS.qlref Outdated
Comment on lines 1 to 2
query: Security Features/CWE-079/XSS.ql
postprocess: utils/test/PrettyPrintModels.ql

Check warning

Code scanning / CodeQL

Query test without inline test expectations Warning

Query test does not use inline test expectations.
csharp/ql/integration-tests/all-platforms/blazor_build_mode_none/XSS.qlref Outdated
Comment on lines 1 to 2
query: Security Features/CWE-079/XSS.ql
postprocess: utils/test/PrettyPrintModels.ql

Check warning

Code scanning / CodeQL

Query test without inline test expectations Warning

Query test does not use inline test expectations.
csharp/ql/integration-tests/all-platforms/blazor_net_8/XSS.qlref Outdated
Comment on lines 1 to 2
query: Security Features/CWE-079/XSS.ql
postprocess: utils/test/PrettyPrintModels.ql

Check warning

Code scanning / CodeQL

Query test without inline test expectations Warning

Query test does not use inline test expectations.
csharp/ql/test/library-tests/frameworks/microsoft/aspnetcore/blazor/Xss.qlref Outdated
@@ -0,0 +1 @@
Security Features/CWE-079/XSS.ql

Check warning

Code scanning / CodeQL

Query test without inline test expectations Warning test

Query test does not use inline test expectations.
egregius313 and others added 5 commits March 28, 2025 16:04
@egregius313 @tamasvajk
Support when a property is specified by a string literal instead of a…
52b889f 
… `nameof` expression

In earlier versions of the Razor generator, a string literal was used
instead of a `nameof` expression in order to indicate the name of the
property being modified. This means we need to look up the property by
name instead of using a more explicit access.
@egregius313 @tamasvajk
Add test case using string literal in property name
3d0a85b
@egregius313 @tamasvajk
[change-note] Blazor parameter passing string literal
d601c26
@tamasvajk
Restrict name based property lookup to opened component types
72fb6ed
@tamasvajk
Adjust expected test file
32448c1
@tamasvajk tamasvajk force-pushed the tamasvajk/blazor/parameter-passing-jumpnode-2 branch from 61e2aa7 to 32448c1 Compare March 28, 2025 15:04
@tamasvajk tamasvajk marked this pull request as ready for review March 28, 2025 15:06
@tamasvajk tamasvajk requested a review from a team as a code owner March 28, 2025 15:06
@michaelnebel michaelnebel self-requested a review April 1, 2025 06:50
michaelnebel
michaelnebel reviewed Apr 1, 2025
View reviewed changes
Copy link
Contributor

@michaelnebel michaelnebel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for doing this @tamasvajk !

michaelnebel
michaelnebel approved these changes Apr 1, 2025
View reviewed changes
Copy link
Contributor

@michaelnebel michaelnebel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!
Maybe run DCA before merging.

@tamasvajk tamasvajk merged commit befc2fd into github:main Apr 3, 2025
24 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelnebel michaelnebel michaelnebel approved these changes

Assignees
No one assigned
Labels
C# documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tamasvajk @michaelnebel @egregius313