Formatting

csharp/ql/src/experimental/CWE-942/CorsMisconfiguration.ql

@@ -12,8 +12,6 @@
  */
 
 import csharp
-private import DataFlow
-import semmle.code.csharp.frameworks.system.Web
 import CorsMisconfigurationLib
 
 /**

csharp/ql/src/experimental/CWE-942/CorsMisconfigurationCredentials.ql

@@ -12,13 +12,9 @@
  */
 
 import csharp
-private import DataFlow
-import semmle.code.csharp.frameworks.system.Web
 import CorsMisconfigurationLib
 
-/**
- * Holds if credentials are allowed
- */
+/** A call to `CorsPolicyBuilder.AllowCredentials`. */
 class AllowsCredentials extends MethodCall {
   AllowsCredentials() {
     this.getTarget()

csharp/ql/test/experimental/CWE-942/CorsMiconfigurationCredentials.cs

@@ -3,32 +3,23 @@
 using System;
 using Microsoft.Extensions.DependencyInjection;
 
+public class Startup {
+  public void ConfigureServices(string[] args) {
+    var builder = WebApplication.CreateBuilder(args);
+    var MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
 
+    builder.Services.AddCors(options => {
+      options.AddPolicy(MyAllowSpecificOrigins,
+        policy => {
+          policy.SetIsOriginAllowed(test => true).AllowCredentials().AllowAnyHeader().AllowAnyMethod();
+        });
+    });
 
-public class Startup
-{
-    public void ConfigureServices(string[] args)
-    {
-var builder = WebApplication.CreateBuilder(args);
-var MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
+    var app = builder.Build();
 
+    app.MapGet("/", () => "Hello World!");
+    app.UseCors(MyAllowSpecificOrigins);
 
-builder.Services.AddCors(options =>
-{
-    options.AddPolicy(MyAllowSpecificOrigins,
-                      policy =>
-                      {
-                          policy.SetIsOriginAllowed(test => true).AllowCredentials().AllowAnyHeader().AllowAnyMethod();
-                      });
-});
-
-var app = builder.Build();
-
-
-
-app.MapGet("/", () => "Hello World!");
-app.UseCors(MyAllowSpecificOrigins);
-
-app.Run();
-    }
+    app.Run();
+  }
 }