From 00ecdb0a83b6cf44106ee42a1e87e4d640fb9b35 Mon Sep 17 00:00:00 2001
From: Ed Minnix
Date: Wed, 18 Dec 2024 20:52:00 -0500
Subject: [PATCH 1/5] Fix typo in NavigationManager name in model
---
 csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml | 6 +++---
 .../library-tests/dataflow/library/FlowSummaries.expected | 4 ++++
 .../dataflow/library/FlowSummariesFiltered.expected | 2 ++
 3 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml b/csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml
index 8617d8e90f0d..e0609a8fcb8c 100644
--- a/csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml
+++ b/csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml
@@ -3,13 +3,13 @@ extensions:
 pack: codeql/csharp-all
 extensible: sourceModel
 data:
- - ["Microsoft.AspNetCore.Components", "NagivationManager", True, "get_BaseUri", "", "", "ReturnValue", "remote", "manual"]
- - ["Microsoft.AspNetCore.Components", "NagivationManager", True, "get_Uri", "", "", "ReturnValue", "remote", "manual"]
+ - ["Microsoft.AspNetCore.Components", "NavigationManager", True, "get_BaseUri", "", "", "ReturnValue", "remote", "manual"]
+ - ["Microsoft.AspNetCore.Components", "NavigationManager", True, "get_Uri", "", "", "ReturnValue", "remote", "manual"]
 - addsTo:
 pack: codeql/csharp-all
 extensible: summaryModel
 data:
- - ["Microsoft.AspNetCore.Components", "NagivationManager", True, "ToAbsoluteUri", "(System.String)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["Microsoft.AspNetCore.Components", "NavigationManager", True, "ToAbsoluteUri", "(System.String)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
 - addsTo:
 pack: codeql/csharp-all
 extensible: sinkModel
diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
index e08060fe3436..89d102fc4c0a 100644
--- a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected @@ -90,6 +90,8 @@ source | Dapper;SqlMapper;QuerySingleOrDefaultAsync;(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable);ReturnValue;database;manual | | Dapper;SqlMapper;QuerySingleOrDefaultAsync;(System.Data.IDbConnection,Dapper.CommandDefinition);ReturnValue;database;manual | | Dapper;SqlMapper;QuerySingleOrDefaultAsync;(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable);ReturnValue;database;manual | +| Microsoft.AspNetCore.Components;NavigationManager;get_BaseUri;();ReturnValue;remote;manual | +| Microsoft.AspNetCore.Components;NavigationManager;get_Uri;();ReturnValue;remote;manual | | Microsoft.Extensions.Configuration.UserSecrets;PathHelper;GetSecretsPathFromSecretsId;(System.String);ReturnValue;environment;df-generated | | Microsoft.Extensions.Configuration;EnvironmentVariablesExtensions;AddEnvironmentVariables;(Microsoft.Extensions.Configuration.IConfigurationBuilder);Argument[0];environment;manual | | Microsoft.Extensions.Configuration;EnvironmentVariablesExtensions;AddEnvironmentVariables;(Microsoft.Extensions.Configuration.IConfigurationBuilder);ReturnValue;environment;manual | 
@@ -984,6 +986,7 @@ summary | Microsoft.AspNetCore.Components.RenderTree;Renderer;add_UnhandledSynchronizationException;(System.UnhandledExceptionEventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.RenderTree;Renderer;remove_UnhandledSynchronizationException;(System.UnhandledExceptionEventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;ComponentState;DisposeAsync;();Argument[this];ReturnValue;taint;df-generated | +| Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddComponentParameter;(System.Int32,System.String,System.Object);Argument[2];Argument[1];taint;manual | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddComponentReferenceCapture;(System.Int32,System.Action);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddContent;(System.Int32,Microsoft.AspNetCore.Components.RenderFragment);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddContent;(System.Int32,Microsoft.AspNetCore.Components.RenderFragment,TValue);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | 
@@ -1117,6 +1120,7 @@ summary | Microsoft.AspNetCore.Components;LayoutComponentBase;set_Body;(Microsoft.AspNetCore.Components.RenderFragment);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;LayoutView;set_ChildContent;(Microsoft.AspNetCore.Components.RenderFragment);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;NavigationManager;RegisterLocationChangingHandler;(System.Func);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | +| Microsoft.AspNetCore.Components;NavigationManager;ToAbsoluteUri;(System.String);Argument[0];ReturnValue;taint;manual | | Microsoft.AspNetCore.Components;NavigationManager;add_LocationChanged;(System.EventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;NavigationManager;remove_LocationChanged;(System.EventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;PersistentComponentState;RegisterOnPersisting;(System.Func);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected index 79bc3c9fa8b4..1c597b3cc5a4 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected 
@@ -191,6 +191,7 @@ | Microsoft.AspNetCore.Components.Forms;ValidationMessageStore;get_Item;(System.Linq.Expressions.Expression>);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.RenderTree;Renderer;add_UnhandledSynchronizationException;(System.UnhandledExceptionEventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.RenderTree;Renderer;remove_UnhandledSynchronizationException;(System.UnhandledExceptionEventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | +| Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddComponentParameter;(System.Int32,System.String,System.Object);Argument[2];Argument[1];taint;manual | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddComponentReferenceCapture;(System.Int32,System.Action);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddContent;(System.Int32,Microsoft.AspNetCore.Components.RenderFragment);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddContent;(System.Int32,Microsoft.AspNetCore.Components.RenderFragment,TValue);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | 
@@ -321,6 +322,7 @@ | Microsoft.AspNetCore.Components;LayoutComponentBase;set_Body;(Microsoft.AspNetCore.Components.RenderFragment);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;LayoutView;set_ChildContent;(Microsoft.AspNetCore.Components.RenderFragment);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;NavigationManager;RegisterLocationChangingHandler;(System.Func);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | +| Microsoft.AspNetCore.Components;NavigationManager;ToAbsoluteUri;(System.String);Argument[0];ReturnValue;taint;manual | | Microsoft.AspNetCore.Components;NavigationManager;add_LocationChanged;(System.EventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;NavigationManager;remove_LocationChanged;(System.EventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;PersistentComponentState;RegisterOnPersisting;(System.Func);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | From b1bba731b408202854057fa970bee19044d6f504 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Wed, 18 Dec 2024 21:05:52 -0500 Subject: [PATCH 2/5] Remove irrelevant test results --- .../test/library-tests/dataflow/library/FlowSummaries.expected | 1 - .../dataflow/library/FlowSummariesFiltered.expected | 1 - 2 files changed, 2 deletions(-) diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected index 89d102fc4c0a..6c5524bfd2d9 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected 
@@ -986,7 +986,6 @@ summary | Microsoft.AspNetCore.Components.RenderTree;Renderer;add_UnhandledSynchronizationException;(System.UnhandledExceptionEventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.RenderTree;Renderer;remove_UnhandledSynchronizationException;(System.UnhandledExceptionEventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;ComponentState;DisposeAsync;();Argument[this];ReturnValue;taint;df-generated | -| Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddComponentParameter;(System.Int32,System.String,System.Object);Argument[2];Argument[1];taint;manual | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddComponentReferenceCapture;(System.Int32,System.Action);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddContent;(System.Int32,Microsoft.AspNetCore.Components.RenderFragment);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddContent;(System.Int32,Microsoft.AspNetCore.Components.RenderFragment,TValue);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected index 1c597b3cc5a4..f6fe3b940435 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected 
@@ -191,7 +191,6 @@ | Microsoft.AspNetCore.Components.Forms;ValidationMessageStore;get_Item;(System.Linq.Expressions.Expression>);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.RenderTree;Renderer;add_UnhandledSynchronizationException;(System.UnhandledExceptionEventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.RenderTree;Renderer;remove_UnhandledSynchronizationException;(System.UnhandledExceptionEventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | -| Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddComponentParameter;(System.Int32,System.String,System.Object);Argument[2];Argument[1];taint;manual | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddComponentReferenceCapture;(System.Int32,System.Action);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddContent;(System.Int32,Microsoft.AspNetCore.Components.RenderFragment);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components.Rendering;RenderTreeBuilder;AddContent;(System.Int32,Microsoft.AspNetCore.Components.RenderFragment,TValue);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | From febd7c6b05f06a7eda2c77f3d4d76a5d10f10f1e Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Wed, 18 Dec 2024 21:46:53 -0500 Subject: [PATCH 3/5] Model url-redirection involving NavigationManager --- csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml b/csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml index e0609a8fcb8c..7fbd73503408 100644 --- a/csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml +++ b/csharp/ql/lib/ext/Microsoft.AspNetCore.Components.model.yml 
@@ -10,9 +10,14 @@ extensions:
 extensible: summaryModel
 data:
 - ["Microsoft.AspNetCore.Components", "NavigationManager", True, "ToAbsoluteUri", "(System.String)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+ - ["Microsoft.AspNetCore.Components", "NavigationManagerExtensions", True, "GetUriWithQueryParameter", "", "", "Argument[1..2]", "ReturnValue", "taint", "manual"]
+ - ["Microsoft.AspNetCore.Components", "NavigationManagerExtensions", True, "GetUriWithQueryParameters", "", "", "Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Key]", "ReturnValue", "taint", "manual"]
+ - ["Microsoft.AspNetCore.Components", "NavigationManagerExtensions", True, "GetUriWithQueryParameters", "", "", "Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Value]", "ReturnValue", "taint", "manual"]
 - addsTo:
 pack: codeql/csharp-all
 extensible: sinkModel
 data:
 - ["Microsoft.AspNetCore.Components", "MarkupString", False, "MarkupString", "(System.String)", "", "Argument[0]", "html-injection", "manual"]
 - ["Microsoft.AspNetCore.Components", "MarkupString", False, "op_Explicit", "(System.String)", "", "Argument[0]", "html-injection", "manual"]
+ - ["Microsoft.AspNetCore.Components", "NavigationManager", True, "NavigateTo", "", "", "Argument[0]", "url-redirection", "manual"]
+ - ["Microsoft.AspNetCore.Components", "NavigationManager", True, "NavigateToCore", "", "", "Argument[0]", "url-redirection", "manual"]
From 0abd08a0f56025efe96ebeb4dfe5c012aae6270f Mon Sep 17 00:00:00 2001
From: Ed Minnix
Date: Wed, 18 Dec 2024 21:49:49 -0500
Subject: [PATCH 4/5] Fix test results
---
 .../dataflow/library/FlowSummaries.expected | 51 +++++++++++++++++++
 .../library/FlowSummariesFiltered.expected | 46 +++++++++++++++++
 2 files changed, 97 insertions(+)
diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected
index 6c5524bfd2d9..55c135053d15 100644
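Review bot: The two `GetUriWithQueryParameters` summary rows use an empty signature with `Argument[1]`, so they also apply to the three-argument overload `(NavigationManager, String, IReadOnlyDictionary)` that the regenerated `.expected` rows in patch 4/5 list, where `Argument[1]` is the URI string and the dictionary is `Argument[2]`. For that overload the element access path on a string presumably never matches, so neither a tainted caller-supplied URI nor tainted dictionary entries reach the return value, which would hide url-redirection flows that pass through it. Pinning each overload by signature, as sketched below, would cover both; the generic arguments in the signatures are my reading of the .NET API and should be confirmed against the extractor's output. The hunk starts inside the `summaryModel` data list, so rows above it are not visible here.

```yaml
      # … unchanged: ToAbsoluteUri and GetUriWithQueryParameter rows …
      - ["Microsoft.AspNetCore.Components", "NavigationManagerExtensions", True, "GetUriWithQueryParameters", "(Microsoft.AspNetCore.Components.NavigationManager,System.Collections.Generic.IReadOnlyDictionary<System.String,System.Object>)", "", "Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Key]", "ReturnValue", "taint", "manual"]
      - ["Microsoft.AspNetCore.Components", "NavigationManagerExtensions", True, "GetUriWithQueryParameters", "(Microsoft.AspNetCore.Components.NavigationManager,System.Collections.Generic.IReadOnlyDictionary<System.String,System.Object>)", "", "Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Value]", "ReturnValue", "taint", "manual"]
      - ["Microsoft.AspNetCore.Components", "NavigationManagerExtensions", True, "GetUriWithQueryParameters", "(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Collections.Generic.IReadOnlyDictionary<System.String,System.Object>)", "", "Argument[1]", "ReturnValue", "taint", "manual"]
      - ["Microsoft.AspNetCore.Components", "NavigationManagerExtensions", True, "GetUriWithQueryParameters", "(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Collections.Generic.IReadOnlyDictionary<System.String,System.Object>)", "", "Argument[2].Element.Property[System.Collections.Generic.KeyValuePair`2.Key]", "ReturnValue", "taint", "manual"]
      - ["Microsoft.AspNetCore.Components", "NavigationManagerExtensions", True, "GetUriWithQueryParameters", "(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Collections.Generic.IReadOnlyDictionary<System.String,System.Object>)", "", "Argument[2].Element.Property[System.Collections.Generic.KeyValuePair`2.Value]", "ReturnValue", "taint", "manual"]
```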
--- a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected 
@@ -254,6 +254,11 @@ sink | Dapper;SqlMapper;QuerySingleOrDefaultAsync;(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable);Argument[1];sql-injection;manual | | Microsoft.AspNetCore.Components;MarkupString;MarkupString;(System.String);Argument[0];html-injection;manual | | Microsoft.AspNetCore.Components;MarkupString;op_Explicit;(System.String);Argument[0];html-injection;manual | +| Microsoft.AspNetCore.Components;NavigationManager;NavigateTo;(System.String,Microsoft.AspNetCore.Components.NavigationOptions);Argument[0];url-redirection;manual | +| Microsoft.AspNetCore.Components;NavigationManager;NavigateTo;(System.String,System.Boolean);Argument[0];url-redirection;manual | +| Microsoft.AspNetCore.Components;NavigationManager;NavigateTo;(System.String,System.Boolean,System.Boolean);Argument[0];url-redirection;manual | +| Microsoft.AspNetCore.Components;NavigationManager;NavigateToCore;(System.String,Microsoft.AspNetCore.Components.NavigationOptions);Argument[0];url-redirection;manual | +| Microsoft.AspNetCore.Components;NavigationManager;NavigateToCore;(System.String,System.Boolean);Argument[0];url-redirection;manual | | Microsoft.EntityFrameworkCore;RelationalDatabaseFacadeExtensions;ExecuteSqlRaw;(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable);Argument[1];sql-injection;manual | | Microsoft.EntityFrameworkCore;RelationalDatabaseFacadeExtensions;ExecuteSqlRaw;(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[]);Argument[1];sql-injection;manual | | Microsoft.EntityFrameworkCore;RelationalDatabaseFacadeExtensions;ExecuteSqlRawAsync;(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken);Argument[1];sql-injection;manual | 
@@ -1122,6 +1127,52 @@ summary | Microsoft.AspNetCore.Components;NavigationManager;ToAbsoluteUri;(System.String);Argument[0];ReturnValue;taint;manual | | Microsoft.AspNetCore.Components;NavigationManager;add_LocationChanged;(System.EventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;NavigationManager;remove_LocationChanged;(System.EventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Boolean);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Boolean);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.DateOnly);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.DateOnly);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.DateTime);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.DateTime);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Decimal);Argument[1];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Decimal);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Double);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Double);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Guid);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Guid);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Int32);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Int32);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Int64);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Int64);Argument[2];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Single);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Single);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.String);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.String);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.TimeOnly);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.TimeOnly);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameters;(Microsoft.AspNetCore.Components.NavigationManager,System.Collections.Generic.IReadOnlyDictionary);Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Key];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameters;(Microsoft.AspNetCore.Components.NavigationManager,System.Collections.Generic.IReadOnlyDictionary);Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Value];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameters;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Collections.Generic.IReadOnlyDictionary);Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Key];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameters;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Collections.Generic.IReadOnlyDictionary);Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Value];ReturnValue;taint;manual | | Microsoft.AspNetCore.Components;PersistentComponentState;RegisterOnPersisting;(System.Func);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;PersistentComponentState;RegisterOnPersisting;(System.Func,Microsoft.AspNetCore.Components.IComponentRenderMode);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;RenderFragment;BeginInvoke;(Microsoft.AspNetCore.Components.Rendering.RenderTreeBuilder,System.AsyncCallback,System.Object);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected index f6fe3b940435..4c26b44a9d21 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected 
@@ -324,6 +324,52 @@ | Microsoft.AspNetCore.Components;NavigationManager;ToAbsoluteUri;(System.String);Argument[0];ReturnValue;taint;manual | | Microsoft.AspNetCore.Components;NavigationManager;add_LocationChanged;(System.EventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;NavigationManager;remove_LocationChanged;(System.EventHandler);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Boolean);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Boolean);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.DateOnly);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.DateOnly);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.DateTime);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.DateTime);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Decimal);Argument[1];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Decimal);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Double);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Double);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Guid);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Guid);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Int32);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Int32);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Int64);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Int64);Argument[2];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Nullable);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Single);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Single);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.String);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.String);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.TimeOnly);Argument[1];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameter;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.TimeOnly);Argument[2];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameters;(Microsoft.AspNetCore.Components.NavigationManager,System.Collections.Generic.IReadOnlyDictionary);Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Key];ReturnValue;taint;manual | +| 
Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameters;(Microsoft.AspNetCore.Components.NavigationManager,System.Collections.Generic.IReadOnlyDictionary);Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Value];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameters;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Collections.Generic.IReadOnlyDictionary);Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Key];ReturnValue;taint;manual | +| Microsoft.AspNetCore.Components;NavigationManagerExtensions;GetUriWithQueryParameters;(Microsoft.AspNetCore.Components.NavigationManager,System.String,System.Collections.Generic.IReadOnlyDictionary);Argument[1].Element.Property[System.Collections.Generic.KeyValuePair`2.Value];ReturnValue;taint;manual | | Microsoft.AspNetCore.Components;PersistentComponentState;RegisterOnPersisting;(System.Func);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;PersistentComponentState;RegisterOnPersisting;(System.Func,Microsoft.AspNetCore.Components.IComponentRenderMode);Argument[0];Argument[0].Parameter[delegate-self];value;hq-generated | | Microsoft.AspNetCore.Components;RenderFragment;BeginInvoke;(Microsoft.AspNetCore.Components.Rendering.RenderTreeBuilder,System.AsyncCallback,System.Object);Argument[1];Argument[1].Parameter[delegate-self];value;hq-generated | From 0a9dc85e62802cf5a7e2948b6111439586f97ae8 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Wed, 18 Dec 2024 21:53:03 -0500 Subject: [PATCH 5/5] Change note --- ...giationmanager::navigateto-and-geturiwithqueryparameter.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 csharp/ql/lib/change-notes/2024-12-18-model-navgiationmanager::navigateto-and-geturiwithqueryparameter.md 
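Review bot: The two rows for the three-argument overload `GetUriWithQueryParameters(NavigationManager,System.String,IReadOnlyDictionary)` take their taint from `Argument[1].Element.Property[...KeyValuePair`2.Key]` and `...Value]`, but in that signature Argument[1] is the `System.String` URI and the dictionary is Argument[2]. As listed, neither the dictionary entries nor the URI string itself flows to `ReturnValue` for this overload, so a tainted URI built through it would presumably be missed by `cs/web/unvalidated-url-redirection`. The model rows behind these lines live in the model .yml, outside this hunk. They likely want `Argument[2].Element.Property[...]` for key and value, plus a plain `Argument[1]` to `ReturnValue` taint row, and this expected file would then need regenerating. The same two rows appear at the end of the FlowSummaries.expected hunk, which begins before the visible part of the page.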
diff --git a/csharp/ql/lib/change-notes/2024-12-18-model-navgiationmanager::navigateto-and-geturiwithqueryparameter.md b/csharp/ql/lib/change-notes/2024-12-18-model-navgiationmanager::navigateto-and-geturiwithqueryparameter.md
new file mode 100644
index 000000000000..8d10af832db4
--- /dev/null
+++ b/csharp/ql/lib/change-notes/2024-12-18-model-navgiationmanager::navigateto-and-geturiwithqueryparameter.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Added sink models for `NagivationManager::NavigateTo` and summaries for methods for adding query parameters to a URI using `NavigationManager`. The `cs/web/unvalidated-url-redirection` query is now more aware of URL redirection in Blazor.