Fix sink test for RichTextEditor

mbaluda · mbaluda · commit 41ac3299e21e · 2025-12-03T23:29:43.000+01:00
diff --git a/javascript/frameworks/ui5/lib/advanced_security/javascript/frameworks/ui5/UI5View.qll b/javascript/frameworks/ui5/lib/advanced_security/javascript/frameworks/ui5/UI5View.qll
@@ -843,7 +843,7 @@ class UI5Control extends TUI5Control {
    * 'sap/ui/richttexteditor/RichTextEditor' sanitized using the property 'sanitizeValue'
    */
   predicate isHTMLSanitized() {
-    this.getControlTypeName() = "sap/ui/richttexteditor/RichTextEditor" and
+    this.getControlTypeName() = "sap/ui/richtexteditor/RichTextEditor" and
     this.isSanitizePropertySetTo("sanitizeValue", true) and
     not this.isSanitizePropertySetTo("sanitizeValue", false)
     or
diff --git a/javascript/frameworks/ui5/test/models/sink/UI5ViewSinkTest.expected b/javascript/frameworks/ui5/test/models/sink/UI5ViewSinkTest.expected
@@ -1,4 +1,2 @@
 | sink1.xml:6:5:6:44 | content={path: '/input'} | The binding path `content={path: '/input'}` is an HTML injection sink. |
-| sink1.xml:7:5:7:67 | content={path: '/input'} | The binding path `content={path: '/input'}` is an HTML injection sink. |
 | sink1.xml:8:5:8:51 | value={path: '/input'} | The binding path `value={path: '/input'}` is an HTML injection sink. |
-| sink1.xml:9:5:9:72 | value={path: '/input'} | The binding path `value={path: '/input'}` is an HTML injection sink. |
diff --git a/javascript/frameworks/ui5/test/models/sink/UI5ViewSinkTest.ql b/javascript/frameworks/ui5/test/models/sink/UI5ViewSinkTest.ql
@@ -9,5 +9,7 @@ import javascript
 import advanced_security.javascript.frameworks.ui5.UI5View
 
 from UI5BindingPath bp
-where bp = any(UI5View ui5v).getAnHtmlISink()
+where
+  bp = any(UI5View ui5v).getAnHtmlISink() and
+  not bp.getControlDeclaration().isHTMLSanitized()
 select bp, "The binding path `" + bp.toString() + "` is an HTML injection sink."
