Now nextUrl is of type parameter and loosen the restriction for NextAppRouteHandler

Author: Napalys

javascript/ql/lib/semmle/javascript/frameworks/Next.qll

@@ -286,12 +286,7 @@ module NextJS {
         mod.getFile().getStem() = "middleware"
       |
         this =
-          mod.getAnExportedValue([any(Http::RequestMethodName m), "middleware"]).getAFunctionValue() and
-        (
-          this.getParameter(0).hasUnderlyingType("next/server", "NextRequest")
-          or
-          this.getParameter(0).hasUnderlyingType("Request")
-        )
+          mod.getAnExportedValue([any(Http::RequestMethodName m), "middleware"]).getAFunctionValue()
       )
     }
 
@@ -318,18 +313,17 @@ module NextJS {
       ) and
       kind = "body"
       or
-      (
-        this = handler.getRequest().getAPropertyRead(["url", "nextUrl"])
-        or
-        this =
-          handler
-              .getRequest()
-              .getAPropertyRead("nextUrl")
-              .getAPropertyRead("searchParams")
-              .getAMemberCall("get")
-      ) and
+      this = handler.getRequest().getAPropertyRead(["url", "nextUrl"]) and
       kind = "url"
       or
+      this =
+        handler
+            .getRequest()
+            .getAPropertyRead("nextUrl")
+            .getAPropertyRead("searchParams")
+            .getAMemberCall("get") and
+      kind = "parameter"
+      or
       this = handler.getRequest().getAPropertyRead("headers") and kind = "headers"
     }