mirror of
https://github.com/github/codeql.git
synced 2026-03-30 20:28:15 +02:00
Merge branch 'main' of https://github.com/github/codeql into oscarsj/merge-back-rc-3.21
This commit is contained in:
Óscar San José
@@ -0,0 +1,4 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Inline expectations test comments, which are of the form `// $ tag` or `// $ tag=value`, are now parsed more strictly and will not be recognized if there isn't a space after the `$` symbol.
|
||||
@@ -453,7 +453,7 @@ is_arguments_object (int id: @variable ref);
|
||||
|
||||
@lexical_name = @variable | @local_type_name | @local_namespace_name;
|
||||
|
||||
@bind_id = @varaccess | @local_var_type_access;
|
||||
@bind_id = @varaccess | @local_var_type_access | @this_expr;
|
||||
bind (unique int id: @bind_id ref,
|
||||
int decl: @variable ref);
|
||||
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,2 @@
|
||||
description: Add variable bindings for 'this'
|
||||
compatibility: partial
|
||||
@@ -1,34 +1,34 @@
|
||||
(function () {
|
||||
const socket = new WebSocket('ws://localhost:8080'); // $clientSocket
|
||||
const socket = new WebSocket('ws://localhost:8080'); // $ clientSocket
|
||||
|
||||
socket.addEventListener('open', function (event) {
|
||||
socket.send('Hi from browser!'); // $clientSend
|
||||
socket.send('Hi from browser!'); // $ clientSend
|
||||
});
|
||||
|
||||
socket.addEventListener('message', function (event) {
|
||||
console.log('Message from server ', event.data); // $ remoteFlow
|
||||
}); // $clientReceive
|
||||
}); // $ clientReceive
|
||||
|
||||
socket.onmessage = function (event) {
|
||||
console.log("Message from server 2", event.data); // $ remoteFlow
|
||||
}; // $clientReceive
|
||||
}; // $ clientReceive
|
||||
})();
|
||||
|
||||
|
||||
(function () {
|
||||
var sock = new SockJS('http://0.0.0.0:9999/echo'); // $clientSocket
|
||||
var sock = new SockJS('http://0.0.0.0:9999/echo'); // $ clientSocket
|
||||
sock.onopen = function () {
|
||||
sock.send('test'); // $clientSend
|
||||
sock.send('test'); // $ clientSend
|
||||
};
|
||||
|
||||
|
||||
sock.onmessage = function (e) {
|
||||
console.log('message', e.data); // $ remoteFlow
|
||||
sock.close();
|
||||
}; // $clientReceive
|
||||
|
||||
}; // $ clientReceive
|
||||
|
||||
sock.addEventListener('message', function (event) {
|
||||
console.log('Using addEventListener ', event.data); // $ remoteFlow
|
||||
}); // $clientReceive
|
||||
}); // $ clientReceive
|
||||
})();
|
||||
|
||||
export const MyWebSocket = WebSocket;
|
||||
|
||||
@@ -1,15 +1,15 @@
|
||||
const WebSocket = require('ws');
|
||||
|
||||
(function () {
|
||||
const ws = new WebSocket('ws://example.org'); // $clientSocket
|
||||
const ws = new WebSocket('ws://example.org'); // $ clientSocket
|
||||
|
||||
ws.on('open', function open() {
|
||||
ws.send('Hi from client!'); // $clientSend
|
||||
ws.send('Hi from client!'); // $ clientSend
|
||||
});
|
||||
|
||||
ws.on('message', function incoming(data) { // $ remoteFlow
|
||||
console.log(data);
|
||||
}); // $clientReceive
|
||||
}); // $ clientReceive
|
||||
})();
|
||||
|
||||
module.exports.MyWebSocketWS = require('ws');
|
||||
|
||||
@@ -3,12 +3,12 @@ const WebSocket = require('ws');
|
||||
(function () {
|
||||
const wss = new WebSocket.Server({ port: 8080 });
|
||||
|
||||
wss.on('connection', function connection(ws) { // $serverSocket
|
||||
ws.on('message', function incoming(message) { // $remoteFlow
|
||||
wss.on('connection', function connection(ws) { // $ serverSocket
|
||||
ws.on('message', function incoming(message) { // $ remoteFlow
|
||||
console.log('received: %s', message);
|
||||
}); // $serverReceive
|
||||
}); // $ serverReceive
|
||||
|
||||
ws.send('Hi from server!'); // $serverSend
|
||||
ws.send('Hi from server!'); // $ serverSend
|
||||
});
|
||||
})();
|
||||
|
||||
|
||||
@@ -5,11 +5,11 @@ const sockjs = require('sockjs');
|
||||
const app = express();
|
||||
const server = http.createServer(app);
|
||||
const sockjs_echo = sockjs.createServer({});
|
||||
sockjs_echo.on('connection', function (conn) { // $serverSocket
|
||||
conn.on('data', function (message) { // $remoteFlow
|
||||
sockjs_echo.on('connection', function (conn) { // $ serverSocket
|
||||
conn.on('data', function (message) { // $ remoteFlow
|
||||
var data = JSON.parse(message);
|
||||
conn.write(JSON.stringify(eval(data.test))); // $serverSend
|
||||
}); // $serverReceive
|
||||
conn.write(JSON.stringify(eval(data.test))); // $ serverSend
|
||||
}); // $ serverReceive
|
||||
});
|
||||
|
||||
sockjs_echo.installHandlers(server, { prefix: '/echo' });
|
||||
|
||||
@@ -54,23 +54,30 @@ getAnAssignedExpr
|
||||
| y | let.js:19:12:19:13 | 19 |
|
||||
getDeclaringContainer
|
||||
| arrayPatternDefault.js:1:2:1:1 | arguments | arrayPatternDefault.js:1:2:4:1 | functio ... bal2;\\n} |
|
||||
| arrayPatternDefault.js:1:2:1:1 | this | arrayPatternDefault.js:1:2:4:1 | functio ... bal2;\\n} |
|
||||
| arrayPatternDefault.js:1:11:1:11 | o | arrayPatternDefault.js:1:2:4:1 | functio ... bal2;\\n} |
|
||||
| arrayPatternDefault.js:2:8:2:8 | x | arrayPatternDefault.js:1:2:4:1 | functio ... bal2;\\n} |
|
||||
| assignments.js:3:1:3:0 | arguments | assignments.js:3:1:6:1 | functio ... = 56;\\n} |
|
||||
| assignments.js:3:1:3:0 | this | assignments.js:3:1:6:1 | functio ... = 56;\\n} |
|
||||
| assignments.js:4:6:4:6 | g | assignments.js:3:1:6:1 | functio ... = 56;\\n} |
|
||||
| assignments.js:4:10:4:9 | arguments | assignments.js:4:10:4:24 | function h() {} |
|
||||
| assignments.js:4:10:4:9 | this | assignments.js:4:10:4:24 | function h() {} |
|
||||
| assignments.js:4:19:4:19 | h | assignments.js:4:10:4:24 | function h() {} |
|
||||
| defaultargs.js:1:2:1:1 | this | defaultargs.js:1:2:5:1 | functio ... ]) {}\\n} |
|
||||
| defaultargs.js:2:7:2:7 | x | defaultargs.js:1:2:5:1 | functio ... ]) {}\\n} |
|
||||
| defaultargs.js:2:10:2:18 | arguments | defaultargs.js:1:2:5:1 | functio ... ]) {}\\n} |
|
||||
| defaultargs.js:3:3:3:2 | arguments | defaultargs.js:3:3:3:25 | functio ... = x) {} |
|
||||
| defaultargs.js:3:3:3:2 | this | defaultargs.js:3:3:3:25 | functio ... = x) {} |
|
||||
| defaultargs.js:3:12:3:12 | f | defaultargs.js:1:2:5:1 | functio ... ]) {}\\n} |
|
||||
| defaultargs.js:3:14:3:14 | x | defaultargs.js:3:3:3:25 | functio ... = x) {} |
|
||||
| defaultargs.js:3:17:3:17 | y | defaultargs.js:3:3:3:25 | functio ... = x) {} |
|
||||
| defaultargs.js:4:3:4:2 | arguments | defaultargs.js:4:3:4:51 | functio ... [0]) {} |
|
||||
| defaultargs.js:4:3:4:2 | this | defaultargs.js:4:3:4:51 | functio ... [0]) {} |
|
||||
| defaultargs.js:4:12:4:12 | g | defaultargs.js:1:2:5:1 | functio ... ]) {}\\n} |
|
||||
| defaultargs.js:4:14:4:14 | x | defaultargs.js:4:3:4:51 | functio ... [0]) {} |
|
||||
| defaultargs.js:4:32:4:32 | y | defaultargs.js:4:3:4:51 | functio ... [0]) {} |
|
||||
| for.js:1:2:1:1 | arguments | for.js:1:2:5:1 | functio ... x;\\n} |
|
||||
| for.js:1:2:1:1 | this | for.js:1:2:5:1 | functio ... x;\\n} |
|
||||
| for.js:1:11:1:11 | o | for.js:1:2:5:1 | functio ... x;\\n} |
|
||||
| for.js:2:7:2:7 | x | for.js:1:2:5:1 | functio ... x;\\n} |
|
||||
| legacyletstmt.js:3:6:3:6 | x | legacyletstmt.js:1:1:8:0 | <toplevel> |
|
||||
@@ -82,20 +89,26 @@ getDeclaringContainer
|
||||
| let.js:6:17:6:17 | x | let.js:1:1:22:0 | <toplevel> |
|
||||
| let.js:9:18:9:18 | x | let.js:1:1:22:0 | <toplevel> |
|
||||
| let.js:14:1:14:0 | arguments | let.js:14:1:21:1 | functio ... }\\n} |
|
||||
| let.js:14:1:14:0 | this | let.js:14:1:21:1 | functio ... }\\n} |
|
||||
| let.js:14:14:14:14 | x | let.js:14:1:21:1 | functio ... }\\n} |
|
||||
| let.js:17:11:17:11 | y | let.js:14:1:21:1 | functio ... }\\n} |
|
||||
| typeoftype.ts:1:1:1:0 | arguments | typeoftype.ts:1:1:6:1 | functio ... x\\n }\\n} |
|
||||
| typeoftype.ts:1:1:1:0 | this | typeoftype.ts:1:1:6:1 | functio ... x\\n }\\n} |
|
||||
| typeoftype.ts:2:7:2:7 | x | typeoftype.ts:1:1:6:1 | functio ... x\\n }\\n} |
|
||||
| typeoftype.ts:3:3:3:2 | arguments | typeoftype.ts:3:3:5:3 | functio ... e x\\n } |
|
||||
| typeoftype.ts:3:3:3:2 | this | typeoftype.ts:3:3:5:3 | functio ... e x\\n } |
|
||||
| typeoftype.ts:3:12:3:12 | g | typeoftype.ts:1:1:6:1 | functio ... x\\n }\\n} |
|
||||
| typeoftype.ts:4:9:4:9 | y | typeoftype.ts:3:3:5:3 | functio ... e x\\n } |
|
||||
| variables.js:8:1:8:0 | arguments | variables.js:8:1:12:1 | functio ... ar x;\\n} |
|
||||
| variables.js:8:1:8:0 | this | variables.js:8:1:12:1 | functio ... ar x;\\n} |
|
||||
| variables.js:9:6:9:6 | x | variables.js:8:1:12:1 | functio ... ar x;\\n} |
|
||||
| variables.js:13:1:13:0 | arguments | variables.js:13:1:23:1 | functio ... z;\\n\\t}\\n} |
|
||||
| variables.js:13:1:13:0 | this | variables.js:13:1:23:1 | functio ... z;\\n\\t}\\n} |
|
||||
| variables.js:13:12:13:12 | y | variables.js:13:1:23:1 | functio ... z;\\n\\t}\\n} |
|
||||
| variables.js:13:15:13:15 | z | variables.js:13:1:23:1 | functio ... z;\\n\\t}\\n} |
|
||||
| variables.js:15:6:15:6 | x | variables.js:13:1:23:1 | functio ... z;\\n\\t}\\n} |
|
||||
| variables.js:16:2:16:1 | arguments | variables.js:16:2:22:2 | functio ... y+z;\\n\\t} |
|
||||
| variables.js:16:2:16:1 | this | variables.js:16:2:22:2 | functio ... y+z;\\n\\t} |
|
||||
| variables.js:16:11:16:11 | h | variables.js:13:1:23:1 | functio ... z;\\n\\t}\\n} |
|
||||
| variables.js:16:13:16:13 | z | variables.js:16:2:22:2 | functio ... y+z;\\n\\t} |
|
||||
| variables.js:18:11:18:11 | y | variables.js:16:2:22:2 | functio ... y+z;\\n\\t} |
|
||||
|
||||
@@ -7,7 +7,7 @@ interface MyInterface {
|
||||
constructor(): string; // $ Alert - This a called "constructor"
|
||||
new(): Date; // OK - This a constructor signature.
|
||||
|
||||
myNumber: 123;
|
||||
myNumber: 123;
|
||||
}
|
||||
|
||||
var a : MyFunction = null as any;
|
||||
@@ -25,7 +25,7 @@ class Foo {
|
||||
|
||||
}
|
||||
myString = "foobar"
|
||||
|
||||
|
||||
myMethod(): boolean {
|
||||
return Math.random() > 0.5;
|
||||
}
|
||||
@@ -71,17 +71,17 @@ class StaticMethods {
|
||||
}
|
||||
|
||||
interface Overloaded {
|
||||
function(x: string): string; // $Alert
|
||||
function(x: number): number; // $Alert
|
||||
function(x: any): any; // $Alert
|
||||
function(x: string): string; // $ Alert
|
||||
function(x: number): number; // $ Alert
|
||||
function(x: any): any; // $ Alert
|
||||
}
|
||||
|
||||
abstract class AbstractFoo {
|
||||
abstract new(): void; // $Alert
|
||||
abstract new(): void; // $ Alert
|
||||
}
|
||||
|
||||
abstract class AbstractFooFunction {
|
||||
abstract function(): number; // $Alert
|
||||
abstract function(): number; // $ Alert
|
||||
}
|
||||
|
||||
abstract class AbstractFooConstructor {
|
||||
@@ -90,12 +90,12 @@ abstract class AbstractFooConstructor {
|
||||
|
||||
declare module "some-module" {
|
||||
interface ModuleInterface {
|
||||
function(): void; // $Alert
|
||||
function(): void; // $ Alert
|
||||
}
|
||||
}
|
||||
|
||||
type Intersection = {
|
||||
function(): number; // $Alert
|
||||
function(): number; // $ Alert
|
||||
} & {
|
||||
other(): string;
|
||||
};
|
||||
@@ -107,13 +107,13 @@ type Union = {
|
||||
};
|
||||
|
||||
type Union2 = {
|
||||
constructor(): number; // $Alert
|
||||
constructor(): number; // $ Alert
|
||||
} | {
|
||||
valid(): string;
|
||||
};
|
||||
|
||||
type Intersection2 = {
|
||||
constructor(): number; // $Alert
|
||||
constructor(): number; // $ Alert
|
||||
} & {
|
||||
other(): string;
|
||||
};
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
| tst2.js:4:3:6:3 | getX: f ... .x;\\n } | This property is overwritten by $@ in the same object literal. | tst2.js:12:3:14:3 | getX: f ... .x;\\n } | another property |
|
||||
| tst2.js:8:3:10:3 | setX: f ... x;\\n } | This property is overwritten by $@ in the same object literal. | tst2.js:16:3:18:3 | setX: f ... x;\\n } | another property |
|
||||
| tst.js:20:3:20:7 | x: 23 | This property is overwritten by $@ in the same object literal. | tst.js:23:3:23:7 | x: 56 | another property |
|
||||
| tst.js:21:3:21:12 | y: "hello" | This property is overwritten by $@ in the same object literal. | tst.js:24:3:24:14 | "y": "world" | another property |
|
||||
|
||||
@@ -3,7 +3,7 @@ var o = {
|
||||
|
||||
getX: function() {
|
||||
return this.x;
|
||||
},
|
||||
}, // $ Alert
|
||||
|
||||
setX: function(x) {
|
||||
this.x = x;
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
| tst2.js:4:3:6:3 | getX: f ... .x;\\n } | This property is duplicated $@. | tst2.js:12:3:14:3 | getX: f ... .x;\\n } | in a later property |
|
||||
| tst.js:2:3:2:16 | "key": "value" | This property is duplicated $@. | tst.js:5:3:5:16 | "key": "value" | in a later property |
|
||||
| tst.js:4:3:4:14 | "1": "value" | This property is duplicated $@. | tst.js:11:3:11:12 | 1: "value" | in a later property |
|
||||
| tst.js:5:3:5:16 | "key": "value" | This property is duplicated $@. | tst.js:6:3:6:16 | 'key': "value" | in a later property |
|
||||
|
||||
@@ -3,11 +3,11 @@ var o = {
|
||||
|
||||
getX: function() {
|
||||
return this.x;
|
||||
}, // $ Alert
|
||||
}, // $ MISSING: Alert // The structural comparison fails to treat the two 'this' variables as the same
|
||||
|
||||
setX: function(x) {
|
||||
this.x = x;
|
||||
},
|
||||
}, // $ MISSING: Alert // The structural comparison fails to treat the two 'x' variables as the same
|
||||
|
||||
getX: function() {
|
||||
return this.x;
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
function f(){
|
||||
a.clientTop && a.clientTop, a.clientTop === !0; //$Alert
|
||||
function f() {
|
||||
a.clientTop && a.clientTop, a.clientTop === !0; // $ Alert
|
||||
a && a.clientTop;
|
||||
a.clientTop, a.clientTop;
|
||||
if(a) return a.clientTop && a.clientTop, a.clientTop === !0;
|
||||
if(b) return b && (b.clientTop, b.clientTop && b.clientTop), null;
|
||||
if (a) return a.clientTop && a.clientTop, a.clientTop === !0;
|
||||
if (b) return b && (b.clientTop, b.clientTop && b.clientTop), null;
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
function test() {
|
||||
{
|
||||
const stream = getStream();
|
||||
stream.pipe(destination).on("error", e); // $Alert
|
||||
stream.pipe(destination).on("error", e); // $ Alert
|
||||
}
|
||||
{
|
||||
const stream = getStream();
|
||||
@@ -16,7 +16,7 @@ function test() {
|
||||
{
|
||||
const stream = getStream();
|
||||
const s2 = stream;
|
||||
s2.pipe(dest).on("error", e); // $Alert
|
||||
s2.pipe(dest).on("error", e); // $ Alert
|
||||
}
|
||||
{
|
||||
const stream = getStream();
|
||||
@@ -33,7 +33,7 @@ function test() {
|
||||
{
|
||||
const s = getStream().on('error', handler);
|
||||
const d = getDest();
|
||||
s.pipe(d);
|
||||
s.pipe(d);
|
||||
}
|
||||
{
|
||||
getStream().on('error', handler).pipe(dest);
|
||||
@@ -42,12 +42,12 @@ function test() {
|
||||
const stream = getStream();
|
||||
stream.on('error', handleError);
|
||||
const stream2 = stream.pipe(destination);
|
||||
stream2.pipe(destination2).on("error", e); // $Alert
|
||||
stream2.pipe(destination2).on("error", e); // $ Alert
|
||||
}
|
||||
{
|
||||
const stream = getStream();
|
||||
stream.on('error', handleError);
|
||||
const destination = getDest();
|
||||
const destination = getDest();
|
||||
destination.on('error', handleError);
|
||||
const stream2 = stream.pipe(destination);
|
||||
const s3 = stream2;
|
||||
@@ -57,13 +57,13 @@ function test() {
|
||||
const stream = getStream();
|
||||
stream.on('error', handleError);
|
||||
const stream2 = stream.pipe(destination);
|
||||
stream2.pipe(destination2).on("error", e); // $Alert
|
||||
stream2.pipe(destination2).on("error", e); // $ Alert
|
||||
}
|
||||
{ // Error handler on destination instead of source
|
||||
const stream = getStream();
|
||||
const dest = getDest();
|
||||
dest.on('error', handler);
|
||||
stream.pipe(dest).on("error", e); // $Alert
|
||||
stream.pipe(dest).on("error", e); // $ Alert
|
||||
}
|
||||
{ // Multiple aliases, error handler on one
|
||||
const stream = getStream();
|
||||
@@ -76,7 +76,7 @@ function test() {
|
||||
const stream = getStream();
|
||||
const s2 = stream.pipe(destination1);
|
||||
stream.on('error', handleError);
|
||||
s2.pipe(destination2).on("error", e); // $Alert
|
||||
s2.pipe(destination2).on("error", e); // $ Alert
|
||||
}
|
||||
{ // Handler registered via .once
|
||||
const stream = getStream();
|
||||
@@ -91,24 +91,24 @@ function test() {
|
||||
{ // Handler registered for unrelated event
|
||||
const stream = getStream();
|
||||
stream.on('close', handleClose);
|
||||
stream.pipe(dest).on("error", e); // $Alert
|
||||
stream.pipe(dest).on("error", e); // $ Alert
|
||||
}
|
||||
{ // Error handler registered after pipe, but before error
|
||||
const stream = getStream();
|
||||
stream.pipe(dest);
|
||||
setTimeout(() => stream.on('error', handleError), 8000); // $MISSING:Alert
|
||||
setTimeout(() => stream.on('error', handleError), 8000); // $ MISSING:Alert
|
||||
}
|
||||
{ // Pipe in a function, error handler outside
|
||||
const stream = getStream();
|
||||
function doPipe(s) { s.pipe(dest); }
|
||||
function doPipe(s) { s.pipe(dest); }
|
||||
stream.on('error', handleError);
|
||||
doPipe(stream);
|
||||
}
|
||||
{ // Pipe in a function, error handler not set
|
||||
const stream = getStream();
|
||||
function doPipe(s) {
|
||||
f = s.pipe(dest); // $Alert
|
||||
f.on("error", e);
|
||||
function doPipe(s) {
|
||||
f = s.pipe(dest); // $ Alert
|
||||
f.on("error", e);
|
||||
}
|
||||
doPipe(stream);
|
||||
}
|
||||
@@ -116,7 +116,7 @@ function test() {
|
||||
const stream = getStream();
|
||||
const event = 'error';
|
||||
stream.on(event, handleError);
|
||||
stream.pipe(dest).on("error", e); // $SPURIOUS:Alert
|
||||
stream.pipe(dest).on("error", e); // $ SPURIOUS:Alert
|
||||
}
|
||||
{ // Handler assigned via variable property
|
||||
const stream = getStream();
|
||||
@@ -125,7 +125,7 @@ function test() {
|
||||
stream.pipe(dest);
|
||||
}
|
||||
{ // Pipe with no intermediate variable, no error handler
|
||||
getStream().pipe(dest).on("error", e); // $Alert
|
||||
getStream().pipe(dest).on("error", e); // $ Alert
|
||||
}
|
||||
{ // Handler set via .addListener synonym
|
||||
const stream = getStream();
|
||||
@@ -143,7 +143,7 @@ function test() {
|
||||
}
|
||||
{ // Long chained pipe without error handler
|
||||
const stream = getStream();
|
||||
stream.pause().setEncoding('utf8').resume().pipe(writable).on("error", e); // $Alert
|
||||
stream.pause().setEncoding('utf8').resume().pipe(writable).on("error", e); // $ Alert
|
||||
}
|
||||
{ // Long chained pipe without error handler
|
||||
const stream = getStream();
|
||||
@@ -157,13 +157,13 @@ function test() {
|
||||
const notStream = getNotAStream();
|
||||
const result = notStream.pipe(writable);
|
||||
const dealWithResult = (result) => { result.subscribe(); };
|
||||
dealWithResult(result);
|
||||
dealWithResult(result);
|
||||
}
|
||||
{ // Non-stream with pipe method that returns subscribable object (Streams do not have subscribe method)
|
||||
const notStream = getNotAStream();
|
||||
const pipeIt = (someVariable) => { return someVariable.pipe(something); };
|
||||
let x = pipeIt(notStream);
|
||||
x.subscribe();
|
||||
x.subscribe();
|
||||
}
|
||||
{ // Calling custom pipe method with no arguments
|
||||
const notStream = getNotAStream();
|
||||
@@ -179,7 +179,7 @@ function test() {
|
||||
}
|
||||
{ // Member access on a stream after pipe
|
||||
const notStream = getNotAStream();
|
||||
const val = notStream.pipe(writable).on("error", e).readable; // $Alert
|
||||
const val = notStream.pipe(writable).on("error", e).readable; // $ Alert
|
||||
}
|
||||
{ // Method access on a non-stream after pipe
|
||||
const notStream = getNotAStream();
|
||||
@@ -189,14 +189,14 @@ function test() {
|
||||
const fs = require('fs');
|
||||
const stream = fs.createReadStream('file.txt');
|
||||
const copyStream = stream;
|
||||
copyStream.pipe(destination).on("error", e); // $Alert
|
||||
copyStream.pipe(destination).on("error", e); // $ Alert
|
||||
}
|
||||
{
|
||||
const notStream = getNotAStream();
|
||||
const something = notStream.someNotStreamPropertyAccess;
|
||||
const val = notStream.pipe(writable);
|
||||
}
|
||||
{
|
||||
{
|
||||
const notStream = getNotAStream();
|
||||
const something = notStream.someNotStreamPropertyAccess();
|
||||
const val = notStream.pipe(writable);
|
||||
@@ -207,7 +207,7 @@ function test() {
|
||||
}
|
||||
{
|
||||
const notStream = getNotAStream();
|
||||
notStream.pipe(()=>{});
|
||||
notStream.pipe(() => { });
|
||||
}
|
||||
{
|
||||
const plumber = require('gulp-plumber');
|
||||
@@ -230,6 +230,6 @@ function test() {
|
||||
}
|
||||
{
|
||||
const notStream = getNotAStream();
|
||||
notStream.pipe(getStream(),()=>{});
|
||||
notStream.pipe(getStream(), () => { });
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
const fs = require('fs');
|
||||
const zlib = require('zlib');
|
||||
|
||||
function foo(){
|
||||
function foo() {
|
||||
const source = fs.createReadStream('input.txt');
|
||||
const gzip = zlib.createGzip();
|
||||
const destination = fs.createWriteStream('output.txt.gz');
|
||||
source.pipe(gzip).pipe(destination); // $Alert
|
||||
source.pipe(gzip).pipe(destination); // $ Alert
|
||||
gzip.on('error', e);
|
||||
}
|
||||
class StreamWrapper {
|
||||
@@ -34,14 +34,14 @@ function zip1() {
|
||||
function zip2() {
|
||||
const zipStream = createWriteStream(zipPath);
|
||||
let wrapper = new StreamWrapper();
|
||||
let outStream = wrapper.outputStream.pipe(zipStream); // $Alert
|
||||
let outStream = wrapper.outputStream.pipe(zipStream); // $ Alert
|
||||
outStream.on('error', e);
|
||||
}
|
||||
|
||||
function zip3() {
|
||||
const zipStream = createWriteStream(zipPath);
|
||||
let wrapper = new StreamWrapper();
|
||||
wrapper.outputStream.pipe(zipStream); // $Alert
|
||||
wrapper.outputStream.pipe(zipStream); // $ Alert
|
||||
zipStream.on('error', e);
|
||||
}
|
||||
|
||||
@@ -49,14 +49,14 @@ function zip3() {
|
||||
const zipStream = createWriteStream(zipPath);
|
||||
let wrapper = new StreamWrapper();
|
||||
let source = getStream();
|
||||
source.pipe(wrapper.outputStream); // $Alert
|
||||
source.pipe(wrapper.outputStream); // $ Alert
|
||||
wrapper.outputStream.on('error', e);
|
||||
}
|
||||
|
||||
function zip4() {
|
||||
const zipStream = createWriteStream(zipPath);
|
||||
let stream = getStream();
|
||||
let output = stream.pipe(zipStream); // $Alert
|
||||
let output = stream.pipe(zipStream); // $ Alert
|
||||
output.on('error', e);
|
||||
}
|
||||
|
||||
@@ -89,7 +89,7 @@ class StreamWrapper3 {
|
||||
function zip5() {
|
||||
const zipStream = createWriteStream(zipPath);
|
||||
let wrapper = new StreamWrapper3();
|
||||
wrapper.pipeIt(zipStream); // $MISSING:Alert
|
||||
wrapper.pipeIt(zipStream); // $ MISSING:Alert
|
||||
zipStream.on('error', e);
|
||||
}
|
||||
function zip6() {
|
||||
@@ -108,6 +108,6 @@ function zip7() {
|
||||
const zipStream = createWriteStream(zipPath);
|
||||
let stream = getStream();
|
||||
registerErr(stream, e);
|
||||
stream.pipe(zipStream); // $SPURIOUS:Alert
|
||||
stream.pipe(zipStream); // $ SPURIOUS:Alert
|
||||
zipStream.on('error', e);
|
||||
}
|
||||
|
||||
@@ -3,17 +3,17 @@ import http from 'node:http'
|
||||
import url from 'url'
|
||||
|
||||
http.createServer(async function (req, res) {
|
||||
let filePath = url.parse(req.url, true).query["filePath"][0]; // $Source
|
||||
let filePath = url.parse(req.url, true).query["filePath"][0]; // $ Source
|
||||
|
||||
// Piping to stdin from a file
|
||||
await $({ inputFile: filePath })`cat` // $Alert
|
||||
await $({ inputFile: filePath })`cat` // $ Alert
|
||||
|
||||
// Piping to stdin from a file
|
||||
await execa('cat', { inputFile: filePath }); // $Alert
|
||||
await execa('cat', { inputFile: filePath }); // $ Alert
|
||||
|
||||
// Piping Stdout to file
|
||||
await execa('echo', ['example3']).pipeStdout(filePath); // $Alert
|
||||
await execa('echo', ['example3']).pipeStdout(filePath); // $ Alert
|
||||
|
||||
// Piping all of command output to file
|
||||
await execa('echo', ['example4'], { all: true }).pipeAll(filePath); // $Alert
|
||||
await execa('echo', ['example4'], { all: true }).pipeAll(filePath); // $ Alert
|
||||
});
|
||||
|
||||
@@ -3,33 +3,33 @@ import http from 'node:http'
|
||||
import url from 'url'
|
||||
|
||||
http.createServer(async function (req, res) {
|
||||
let cmd = url.parse(req.url, true).query["cmd"][0]; // $Source
|
||||
let arg1 = url.parse(req.url, true).query["arg1"]; // $Source
|
||||
let arg2 = url.parse(req.url, true).query["arg2"]; // $Source
|
||||
let arg3 = url.parse(req.url, true).query["arg3"]; // $Source
|
||||
let cmd = url.parse(req.url, true).query["cmd"][0]; // $ Source
|
||||
let arg1 = url.parse(req.url, true).query["arg1"]; // $ Source
|
||||
let arg2 = url.parse(req.url, true).query["arg2"]; // $ Source
|
||||
let arg3 = url.parse(req.url, true).query["arg3"]; // $ Source
|
||||
|
||||
await $`${cmd} ${arg1} ${arg2} ${arg3}`; // $Alert
|
||||
await $`${cmd} ${arg1} ${arg2} ${arg3}`; // $ Alert
|
||||
await $`ssh ${arg1} ${arg2} ${arg3}`; // safely escapes variables, preventing shell injection.
|
||||
$({ shell: false }).sync`${cmd} ${arg1} ${arg2} ${arg3}`; // $Alert
|
||||
$({ shell: true }).sync`${cmd} ${arg1} ${arg2} ${arg3}`; // $Alert
|
||||
$({ shell: false }).sync`${cmd} ${arg1} ${arg2} ${arg3}`; // $ Alert
|
||||
$({ shell: true }).sync`${cmd} ${arg1} ${arg2} ${arg3}`; // $ Alert
|
||||
$({ shell: false }).sync`ssh ${arg1} ${arg2} ${arg3}`; // safely escapes variables, preventing shell injection.
|
||||
|
||||
$.sync`${cmd} ${arg1} ${arg2} ${arg3}`; // $Alert
|
||||
$.sync`${cmd} ${arg1} ${arg2} ${arg3}`; // $ Alert
|
||||
$.sync`ssh ${arg1} ${arg2} ${arg3}`; // safely escapes variables, preventing shell injection.
|
||||
await $({ shell: true })`${cmd} ${arg1} ${arg2} ${arg3}`; // $Alert
|
||||
await $({ shell: false })`${cmd} ${arg1} ${arg2} ${arg3}`; // $Alert
|
||||
await $({ shell: true })`${cmd} ${arg1} ${arg2} ${arg3}`; // $ Alert
|
||||
await $({ shell: false })`${cmd} ${arg1} ${arg2} ${arg3}`; // $ Alert
|
||||
await $({ shell: false })`ssh ${arg1} ${arg2} ${arg3}`; // safely escapes variables, preventing shell injection.
|
||||
|
||||
await execa(cmd, [arg1, arg2, arg3]); // $Alert
|
||||
await execa(cmd, { shell: true }); // $Alert
|
||||
await execa(cmd, [arg1, arg2, arg3], { shell: true }); // $Alert
|
||||
await execa(cmd, [arg1, arg2, arg3]); // $ Alert
|
||||
await execa(cmd, { shell: true }); // $ Alert
|
||||
await execa(cmd, [arg1, arg2, arg3], { shell: true }); // $ Alert
|
||||
|
||||
execaSync(cmd, [arg1, arg2, arg3]); // $Alert
|
||||
execaSync(cmd, [arg1, arg2, arg3], { shell: true }); // $Alert
|
||||
execaSync(cmd, [arg1, arg2, arg3]); // $ Alert
|
||||
execaSync(cmd, [arg1, arg2, arg3], { shell: true }); // $ Alert
|
||||
|
||||
await execaCommand(cmd + arg1 + arg2 + arg3); // $Alert
|
||||
await execaCommand(cmd + arg1 + arg2 + arg3, { shell: true }); // $Alert
|
||||
await execaCommand(cmd + arg1 + arg2 + arg3); // $ Alert
|
||||
await execaCommand(cmd + arg1 + arg2 + arg3, { shell: true }); // $ Alert
|
||||
|
||||
execaCommandSync(cmd + arg1 + arg2 + arg3); // $Alert
|
||||
execaCommandSync(cmd + arg1 + arg2 + arg3, { shell: true }); // $Alert
|
||||
execaCommandSync(cmd + arg1 + arg2 + arg3); // $ Alert
|
||||
execaCommandSync(cmd + arg1 + arg2 + arg3, { shell: true }); // $ Alert
|
||||
});
|
||||
|
||||
@@ -6,39 +6,39 @@
|
||||
| apollo.serverSide.ts:8:39:8:64 | get(fil ... => {}) | apollo.serverSide.ts:7:36:7:44 | { files } | apollo.serverSide.ts:8:43:8:50 | file.url | The $@ of this request depends on a $@. | apollo.serverSide.ts:8:43:8:50 | file.url | URL | apollo.serverSide.ts:7:36:7:44 | { files } | user-provided value |
|
||||
| apollo.serverSide.ts:18:37:18:62 | get(fil ... => {}) | apollo.serverSide.ts:17:34:17:42 | { files } | apollo.serverSide.ts:18:41:18:48 | file.url | The $@ of this request depends on a $@. | apollo.serverSide.ts:18:41:18:48 | file.url | URL | apollo.serverSide.ts:17:34:17:42 | { files } | user-provided value |
|
||||
| axiosInterceptors.serverSide.js:11:26:11:40 | userProvidedUrl | axiosInterceptors.serverSide.js:19:21:19:28 | req.body | axiosInterceptors.serverSide.js:11:26:11:40 | userProvidedUrl | The $@ of this request depends on a $@. | axiosInterceptors.serverSide.js:11:26:11:40 | userProvidedUrl | endpoint | axiosInterceptors.serverSide.js:19:21:19:28 | req.body | user-provided value |
|
||||
| serverSide2.js:17:28:17:47 | axios.get(targetUrl) | serverSide2.js:10:25:10:31 | req.url | serverSide2.js:17:38:17:46 | targetUrl | The $@ of this request depends on a $@. | serverSide2.js:17:38:17:46 | targetUrl | URL | serverSide2.js:10:25:10:31 | req.url | user-provided value |
|
||||
| serverSide2.js:20:29:20:49 | axios.g ... etUrl1) | serverSide2.js:9:43:9:56 | req._parsedUrl | serverSide2.js:20:39:20:48 | targetUrl1 | The $@ of this request depends on a $@. | serverSide2.js:20:39:20:48 | targetUrl1 | URL | serverSide2.js:9:43:9:56 | req._parsedUrl | user-provided value |
|
||||
| serverSide2.js:23:29:23:49 | axios.g ... etUrl2) | serverSide2.js:22:24:22:30 | req.url | serverSide2.js:23:39:23:48 | targetUrl2 | The $@ of this request depends on a $@. | serverSide2.js:23:39:23:48 | targetUrl2 | URL | serverSide2.js:22:24:22:30 | req.url | user-provided value |
|
||||
| serverSide2.js:26:29:26:49 | axios.g ... etUrl3) | serverSide2.js:11:24:11:30 | req.url | serverSide2.js:26:39:26:48 | targetUrl3 | The $@ of this request depends on a $@. | serverSide2.js:26:39:26:48 | targetUrl3 | URL | serverSide2.js:11:24:11:30 | req.url | user-provided value |
|
||||
| serverSide2.js:17:26:17:45 | axios.get(targetUrl) | serverSide2.js:10:25:10:31 | req.url | serverSide2.js:17:36:17:44 | targetUrl | The $@ of this request depends on a $@. | serverSide2.js:17:36:17:44 | targetUrl | URL | serverSide2.js:10:25:10:31 | req.url | user-provided value |
|
||||
| serverSide2.js:20:27:20:47 | axios.g ... etUrl1) | serverSide2.js:9:43:9:56 | req._parsedUrl | serverSide2.js:20:37:20:46 | targetUrl1 | The $@ of this request depends on a $@. | serverSide2.js:20:37:20:46 | targetUrl1 | URL | serverSide2.js:9:43:9:56 | req._parsedUrl | user-provided value |
|
||||
| serverSide2.js:23:27:23:47 | axios.g ... etUrl2) | serverSide2.js:22:22:22:28 | req.url | serverSide2.js:23:37:23:46 | targetUrl2 | The $@ of this request depends on a $@. | serverSide2.js:23:37:23:46 | targetUrl2 | URL | serverSide2.js:22:22:22:28 | req.url | user-provided value |
|
||||
| serverSide2.js:26:27:26:47 | axios.g ... etUrl3) | serverSide2.js:11:24:11:30 | req.url | serverSide2.js:26:37:26:46 | targetUrl3 | The $@ of this request depends on a $@. | serverSide2.js:26:37:26:46 | targetUrl3 | URL | serverSide2.js:11:24:11:30 | req.url | user-provided value |
|
||||
| serverSide.js:18:5:18:20 | request(tainted) | serverSide.js:14:29:14:35 | req.url | serverSide.js:18:13:18:19 | tainted | The $@ of this request depends on a $@. | serverSide.js:18:13:18:19 | tainted | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:20:5:20:24 | request.get(tainted) | serverSide.js:14:29:14:35 | req.url | serverSide.js:20:17:20:23 | tainted | The $@ of this request depends on a $@. | serverSide.js:20:17:20:23 | tainted | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:24:5:24:20 | request(options) | serverSide.js:14:29:14:35 | req.url | serverSide.js:23:19:23:25 | tainted | The $@ of this request depends on a $@. | serverSide.js:23:19:23:25 | tainted | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:26:5:26:32 | request ... ainted) | serverSide.js:14:29:14:35 | req.url | serverSide.js:26:13:26:31 | "http://" + tainted | The $@ of this request depends on a $@. | serverSide.js:26:13:26:31 | "http://" + tainted | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:28:5:28:43 | request ... ainted) | serverSide.js:14:29:14:35 | req.url | serverSide.js:28:13:28:42 | "http:/ ... tainted | The $@ of this request depends on a $@. | serverSide.js:28:13:28:42 | "http:/ ... tainted | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:30:5:30:44 | request ... ainted) | serverSide.js:14:29:14:35 | req.url | serverSide.js:30:13:30:43 | "http:/ ... tainted | The $@ of this request depends on a $@. | serverSide.js:30:13:30:43 | "http:/ ... tainted | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:34:5:34:42 | http.ge ... inted}) | serverSide.js:14:29:14:35 | req.url | serverSide.js:34:34:34:40 | tainted | The $@ of this request depends on a $@. | serverSide.js:34:34:34:40 | tainted | host | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:34:5:34:44 | http.ge ... nted }) | serverSide.js:14:29:14:35 | req.url | serverSide.js:34:35:34:41 | tainted | The $@ of this request depends on a $@. | serverSide.js:34:35:34:41 | tainted | host | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:36:5:36:32 | XhrIo.s ... inted)) | serverSide.js:14:29:14:35 | req.url | serverSide.js:36:16:36:31 | new Uri(tainted) | The $@ of this request depends on a $@. | serverSide.js:36:16:36:31 | new Uri(tainted) | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:37:5:37:38 | new Xhr ... inted)) | serverSide.js:14:29:14:35 | req.url | serverSide.js:37:22:37:37 | new Uri(tainted) | The $@ of this request depends on a $@. | serverSide.js:37:22:37:37 | new Uri(tainted) | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:41:5:41:52 | request ... nted}`) | serverSide.js:14:29:14:35 | req.url | serverSide.js:41:13:41:51 | `http:/ ... inted}` | The $@ of this request depends on a $@. | serverSide.js:41:13:41:51 | `http:/ ... inted}` | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:43:5:43:55 | request ... nted}`) | serverSide.js:14:29:14:35 | req.url | serverSide.js:43:13:43:54 | `http:/ ... inted}` | The $@ of this request depends on a $@. | serverSide.js:43:13:43:54 | `http:/ ... inted}` | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:45:5:45:57 | request ... ainted) | serverSide.js:14:29:14:35 | req.url | serverSide.js:45:13:45:56 | 'http:/ ... tainted | The $@ of this request depends on a $@. | serverSide.js:45:13:45:56 | 'http:/ ... tainted | URL | serverSide.js:14:29:14:35 | req.url | user-provided value |
|
||||
| serverSide.js:61:2:61:37 | client. ... inted}) | serverSide.js:58:29:58:35 | req.url | serverSide.js:61:29:61:35 | tainted | The $@ of this request depends on a $@. | serverSide.js:61:29:61:35 | tainted | URL | serverSide.js:58:29:58:35 | req.url | user-provided value |
|
||||
| serverSide.js:64:3:64:38 | client. ... inted}) | serverSide.js:58:29:58:35 | req.url | serverSide.js:64:30:64:36 | tainted | The $@ of this request depends on a $@. | serverSide.js:64:30:64:36 | tainted | URL | serverSide.js:58:29:58:35 | req.url | user-provided value |
|
||||
| serverSide.js:68:3:68:38 | client. ... inted}) | serverSide.js:58:29:58:35 | req.url | serverSide.js:68:30:68:36 | tainted | The $@ of this request depends on a $@. | serverSide.js:68:30:68:36 | tainted | URL | serverSide.js:58:29:58:35 | req.url | user-provided value |
|
||||
| serverSide.js:61:5:61:42 | client. ... nted }) | serverSide.js:58:29:58:35 | req.url | serverSide.js:61:33:61:39 | tainted | The $@ of this request depends on a $@. | serverSide.js:61:33:61:39 | tainted | URL | serverSide.js:58:29:58:35 | req.url | user-provided value |
|
||||
| serverSide.js:64:9:64:46 | client. ... nted }) | serverSide.js:58:29:58:35 | req.url | serverSide.js:64:37:64:43 | tainted | The $@ of this request depends on a $@. | serverSide.js:64:37:64:43 | tainted | URL | serverSide.js:58:29:58:35 | req.url | user-provided value |
|
||||
| serverSide.js:68:9:68:46 | client. ... nted }) | serverSide.js:58:29:58:35 | req.url | serverSide.js:68:37:68:43 | tainted | The $@ of this request depends on a $@. | serverSide.js:68:37:68:43 | tainted | URL | serverSide.js:58:29:58:35 | req.url | user-provided value |
|
||||
| serverSide.js:76:5:76:26 | JSDOM.f ... ainted) | serverSide.js:74:29:74:35 | req.url | serverSide.js:76:19:76:25 | tainted | The $@ of this request depends on a $@. | serverSide.js:76:19:76:25 | tainted | URL | serverSide.js:74:29:74:35 | req.url | user-provided value |
|
||||
| serverSide.js:84:5:84:25 | JSDOM.f ... param1) | serverSide.js:83:38:83:43 | param1 | serverSide.js:84:19:84:24 | param1 | The $@ of this request depends on a $@. | serverSide.js:84:19:84:24 | param1 | URL | serverSide.js:83:38:83:43 | param1 | user-provided value |
|
||||
| serverSide.js:90:5:90:33 | JSDOM.f ... ms.foo) | serverSide.js:90:19:90:28 | ctx.params | serverSide.js:90:19:90:32 | ctx.params.foo | The $@ of this request depends on a $@. | serverSide.js:90:19:90:32 | ctx.params.foo | URL | serverSide.js:90:19:90:28 | ctx.params | user-provided value |
|
||||
| serverSide.js:92:5:92:33 | JSDOM.f ... ms.foo) | serverSide.js:92:19:92:28 | ctx.params | serverSide.js:92:19:92:32 | ctx.params.foo | The $@ of this request depends on a $@. | serverSide.js:92:19:92:32 | ctx.params.foo | URL | serverSide.js:92:19:92:28 | ctx.params | user-provided value |
|
||||
| serverSide.js:100:5:100:26 | new Web ... ainted) | serverSide.js:98:29:98:35 | req.url | serverSide.js:100:19:100:25 | tainted | The $@ of this request depends on a $@. | serverSide.js:100:19:100:25 | tainted | URL | serverSide.js:98:29:98:35 | req.url | user-provided value |
|
||||
| serverSide.js:109:20:109:30 | new ws(url) | serverSide.js:108:17:108:27 | request.url | serverSide.js:109:27:109:29 | url | The $@ of this request depends on a $@. | serverSide.js:109:27:109:29 | url | URL | serverSide.js:108:17:108:27 | request.url | user-provided value |
|
||||
| serverSide.js:117:20:117:30 | new ws(url) | serverSide.js:115:25:115:35 | request.url | serverSide.js:117:27:117:29 | url | The $@ of this request depends on a $@. | serverSide.js:117:27:117:29 | url | URL | serverSide.js:115:25:115:35 | request.url | user-provided value |
|
||||
| serverSide.js:109:24:109:34 | new ws(url) | serverSide.js:108:21:108:31 | request.url | serverSide.js:109:31:109:33 | url | The $@ of this request depends on a $@. | serverSide.js:109:31:109:33 | url | URL | serverSide.js:108:21:108:31 | request.url | user-provided value |
|
||||
| serverSide.js:117:24:117:34 | new ws(url) | serverSide.js:115:29:115:39 | request.url | serverSide.js:117:31:117:33 | url | The $@ of this request depends on a $@. | serverSide.js:117:31:117:33 | url | URL | serverSide.js:115:29:115:39 | request.url | user-provided value |
|
||||
| serverSide.js:125:5:128:6 | axios({ ... \\n }) | serverSide.js:123:29:123:35 | req.url | serverSide.js:127:14:127:20 | tainted | The $@ of this request depends on a $@. | serverSide.js:127:14:127:20 | tainted | URL | serverSide.js:123:29:123:35 | req.url | user-provided value |
|
||||
| serverSide.js:131:5:131:20 | axios.get(myUrl) | serverSide.js:123:29:123:35 | req.url | serverSide.js:131:15:131:19 | myUrl | The $@ of this request depends on a $@. | serverSide.js:131:15:131:19 | myUrl | URL | serverSide.js:123:29:123:35 | req.url | user-provided value |
|
||||
| serverSide.js:141:3:141:30 | axios.g ... ring()) | serverSide.js:139:17:139:29 | req.query.url | serverSide.js:141:13:141:29 | target.toString() | The $@ of this request depends on a $@. | serverSide.js:141:13:141:29 | target.toString() | URL | serverSide.js:139:17:139:29 | req.query.url | user-provided value |
|
||||
| serverSide.js:142:3:142:19 | axios.get(target) | serverSide.js:139:17:139:29 | req.query.url | serverSide.js:142:13:142:18 | target | The $@ of this request depends on a $@. | serverSide.js:142:13:142:18 | target | URL | serverSide.js:139:17:139:29 | req.query.url | user-provided value |
|
||||
| serverSide.js:143:3:143:24 | axios.g ... t.href) | serverSide.js:139:17:139:29 | req.query.url | serverSide.js:143:13:143:23 | target.href | The $@ of this request depends on a $@. | serverSide.js:143:13:143:23 | target.href | URL | serverSide.js:139:17:139:29 | req.query.url | user-provided value |
|
||||
| serverSide.js:145:3:145:23 | axios.g ... dedUrl) | serverSide.js:139:17:139:29 | req.query.url | serverSide.js:145:13:145:22 | encodedUrl | The $@ of this request depends on a $@. | serverSide.js:145:13:145:22 | encodedUrl | URL | serverSide.js:139:17:139:29 | req.query.url | user-provided value |
|
||||
| serverSide.js:147:3:147:23 | axios.g ... pedUrl) | serverSide.js:139:17:139:29 | req.query.url | serverSide.js:147:13:147:22 | escapedUrl | The $@ of this request depends on a $@. | serverSide.js:147:13:147:22 | escapedUrl | URL | serverSide.js:139:17:139:29 | req.query.url | user-provided value |
|
||||
| serverSide.js:141:5:141:32 | axios.g ... ring()) | serverSide.js:139:19:139:31 | req.query.url | serverSide.js:141:15:141:31 | target.toString() | The $@ of this request depends on a $@. | serverSide.js:141:15:141:31 | target.toString() | URL | serverSide.js:139:19:139:31 | req.query.url | user-provided value |
|
||||
| serverSide.js:142:5:142:21 | axios.get(target) | serverSide.js:139:19:139:31 | req.query.url | serverSide.js:142:15:142:20 | target | The $@ of this request depends on a $@. | serverSide.js:142:15:142:20 | target | URL | serverSide.js:139:19:139:31 | req.query.url | user-provided value |
|
||||
| serverSide.js:143:5:143:26 | axios.g ... t.href) | serverSide.js:139:19:139:31 | req.query.url | serverSide.js:143:15:143:25 | target.href | The $@ of this request depends on a $@. | serverSide.js:143:15:143:25 | target.href | URL | serverSide.js:139:19:139:31 | req.query.url | user-provided value |
|
||||
| serverSide.js:145:5:145:25 | axios.g ... dedUrl) | serverSide.js:139:19:139:31 | req.query.url | serverSide.js:145:15:145:24 | encodedUrl | The $@ of this request depends on a $@. | serverSide.js:145:15:145:24 | encodedUrl | URL | serverSide.js:139:19:139:31 | req.query.url | user-provided value |
|
||||
| serverSide.js:147:5:147:25 | axios.g ... pedUrl) | serverSide.js:139:19:139:31 | req.query.url | serverSide.js:147:15:147:24 | escapedUrl | The $@ of this request depends on a $@. | serverSide.js:147:15:147:24 | escapedUrl | URL | serverSide.js:139:19:139:31 | req.query.url | user-provided value |
|
||||
edges
|
||||
| Request/app/api/proxy/route2.serverSide.ts:4:9:4:15 | { url } | Request/app/api/proxy/route2.serverSide.ts:4:11:4:13 | url | provenance | |
|
||||
| Request/app/api/proxy/route2.serverSide.ts:4:11:4:13 | url | Request/app/api/proxy/route2.serverSide.ts:5:27:5:29 | url | provenance | |
|
||||
@@ -67,25 +67,25 @@ edges
|
||||
| axiosInterceptors.serverSide.js:19:21:19:28 | req.body | axiosInterceptors.serverSide.js:19:11:19:17 | { url } | provenance | |
|
||||
| axiosInterceptors.serverSide.js:20:5:20:19 | userProvidedUrl | axiosInterceptors.serverSide.js:11:26:11:40 | userProvidedUrl | provenance | |
|
||||
| axiosInterceptors.serverSide.js:20:23:20:25 | url | axiosInterceptors.serverSide.js:20:5:20:19 | userProvidedUrl | provenance | |
|
||||
| serverSide2.js:9:34:9:63 | qs.pars ... .query) | serverSide2.js:19:24:19:51 | req.par ... rsedUrl | provenance | |
|
||||
| serverSide2.js:9:34:9:63 | qs.pars ... .query) | serverSide2.js:19:22:19:49 | req.par ... rsedUrl | provenance | |
|
||||
| serverSide2.js:9:43:9:56 | req._parsedUrl | serverSide2.js:9:34:9:63 | qs.pars ... .query) | provenance | |
|
||||
| serverSide2.js:10:25:10:31 | req.url | serverSide2.js:16:23:16:41 | req.parsedQuery.url | provenance | |
|
||||
| serverSide2.js:11:24:11:30 | req.url | serverSide2.js:25:24:25:41 | req.SomeObject.url | provenance | |
|
||||
| serverSide2.js:16:11:16:19 | targetUrl | serverSide2.js:17:38:17:46 | targetUrl | provenance | |
|
||||
| serverSide2.js:16:23:16:41 | req.parsedQuery.url | serverSide2.js:16:11:16:19 | targetUrl | provenance | |
|
||||
| serverSide2.js:19:11:19:20 | targetUrl1 | serverSide2.js:20:39:20:48 | targetUrl1 | provenance | |
|
||||
| serverSide2.js:19:24:19:51 | req.par ... rsedUrl | serverSide2.js:19:11:19:20 | targetUrl1 | provenance | |
|
||||
| serverSide2.js:22:11:22:20 | targetUrl2 | serverSide2.js:23:39:23:48 | targetUrl2 | provenance | |
|
||||
| serverSide2.js:22:24:22:30 | req.url | serverSide2.js:22:11:22:20 | targetUrl2 | provenance | |
|
||||
| serverSide2.js:25:11:25:20 | targetUrl3 | serverSide2.js:26:39:26:48 | targetUrl3 | provenance | |
|
||||
| serverSide2.js:25:24:25:41 | req.SomeObject.url | serverSide2.js:25:11:25:20 | targetUrl3 | provenance | |
|
||||
| serverSide2.js:10:25:10:31 | req.url | serverSide2.js:16:21:16:39 | req.parsedQuery.url | provenance | |
|
||||
| serverSide2.js:11:24:11:30 | req.url | serverSide2.js:25:22:25:39 | req.SomeObject.url | provenance | |
|
||||
| serverSide2.js:16:9:16:17 | targetUrl | serverSide2.js:17:36:17:44 | targetUrl | provenance | |
|
||||
| serverSide2.js:16:21:16:39 | req.parsedQuery.url | serverSide2.js:16:9:16:17 | targetUrl | provenance | |
|
||||
| serverSide2.js:19:9:19:18 | targetUrl1 | serverSide2.js:20:37:20:46 | targetUrl1 | provenance | |
|
||||
| serverSide2.js:19:22:19:49 | req.par ... rsedUrl | serverSide2.js:19:9:19:18 | targetUrl1 | provenance | |
|
||||
| serverSide2.js:22:9:22:18 | targetUrl2 | serverSide2.js:23:37:23:46 | targetUrl2 | provenance | |
|
||||
| serverSide2.js:22:22:22:28 | req.url | serverSide2.js:22:9:22:18 | targetUrl2 | provenance | |
|
||||
| serverSide2.js:25:9:25:18 | targetUrl3 | serverSide2.js:26:37:26:46 | targetUrl3 | provenance | |
|
||||
| serverSide2.js:25:22:25:39 | req.SomeObject.url | serverSide2.js:25:9:25:18 | targetUrl3 | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:18:13:18:19 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:20:17:20:23 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:23:19:23:25 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:26:25:26:31 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:28:36:28:42 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:30:37:30:43 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:34:34:34:40 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:34:35:34:41 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:36:24:36:30 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:37:30:37:36 | tainted | provenance | |
|
||||
| serverSide.js:14:9:14:15 | tainted | serverSide.js:41:43:41:49 | tainted | provenance | |
|
||||
@@ -101,12 +101,12 @@ edges
|
||||
| serverSide.js:41:43:41:49 | tainted | serverSide.js:41:13:41:51 | `http:/ ... inted}` | provenance | |
|
||||
| serverSide.js:43:46:43:52 | tainted | serverSide.js:43:13:43:54 | `http:/ ... inted}` | provenance | |
|
||||
| serverSide.js:45:50:45:56 | tainted | serverSide.js:45:13:45:56 | 'http:/ ... tainted | provenance | |
|
||||
| serverSide.js:58:9:58:15 | tainted | serverSide.js:61:29:61:35 | tainted | provenance | |
|
||||
| serverSide.js:58:9:58:15 | tainted | serverSide.js:61:29:61:35 | tainted | provenance | |
|
||||
| serverSide.js:58:9:58:15 | tainted | serverSide.js:61:33:61:39 | tainted | provenance | |
|
||||
| serverSide.js:58:9:58:15 | tainted | serverSide.js:61:33:61:39 | tainted | provenance | |
|
||||
| serverSide.js:58:19:58:42 | url.par ... , true) | serverSide.js:58:9:58:15 | tainted | provenance | |
|
||||
| serverSide.js:58:29:58:35 | req.url | serverSide.js:58:19:58:42 | url.par ... , true) | provenance | |
|
||||
| serverSide.js:61:29:61:35 | tainted | serverSide.js:64:30:64:36 | tainted | provenance | |
|
||||
| serverSide.js:61:29:61:35 | tainted | serverSide.js:68:30:68:36 | tainted | provenance | |
|
||||
| serverSide.js:61:33:61:39 | tainted | serverSide.js:64:37:64:43 | tainted | provenance | |
|
||||
| serverSide.js:61:33:61:39 | tainted | serverSide.js:68:37:68:43 | tainted | provenance | |
|
||||
| serverSide.js:74:9:74:15 | tainted | serverSide.js:76:19:76:25 | tainted | provenance | |
|
||||
| serverSide.js:74:19:74:42 | url.par ... , true) | serverSide.js:74:9:74:15 | tainted | provenance | |
|
||||
| serverSide.js:74:29:74:35 | req.url | serverSide.js:74:19:74:42 | url.par ... , true) | provenance | |
|
||||
@@ -116,34 +116,34 @@ edges
|
||||
| serverSide.js:98:9:98:15 | tainted | serverSide.js:100:19:100:25 | tainted | provenance | |
|
||||
| serverSide.js:98:19:98:42 | url.par ... , true) | serverSide.js:98:9:98:15 | tainted | provenance | |
|
||||
| serverSide.js:98:29:98:35 | req.url | serverSide.js:98:19:98:42 | url.par ... , true) | provenance | |
|
||||
| serverSide.js:108:11:108:13 | url | serverSide.js:109:27:109:29 | url | provenance | |
|
||||
| serverSide.js:108:17:108:27 | request.url | serverSide.js:108:11:108:13 | url | provenance | |
|
||||
| serverSide.js:115:11:115:13 | url | serverSide.js:117:27:117:29 | url | provenance | |
|
||||
| serverSide.js:115:17:115:42 | new URL ... , base) | serverSide.js:115:11:115:13 | url | provenance | |
|
||||
| serverSide.js:115:25:115:35 | request.url | serverSide.js:115:17:115:42 | new URL ... , base) | provenance | Config |
|
||||
| serverSide.js:108:15:108:17 | url | serverSide.js:109:31:109:33 | url | provenance | |
|
||||
| serverSide.js:108:21:108:31 | request.url | serverSide.js:108:15:108:17 | url | provenance | |
|
||||
| serverSide.js:115:15:115:17 | url | serverSide.js:117:31:117:33 | url | provenance | |
|
||||
| serverSide.js:115:21:115:46 | new URL ... , base) | serverSide.js:115:15:115:17 | url | provenance | |
|
||||
| serverSide.js:115:29:115:39 | request.url | serverSide.js:115:21:115:46 | new URL ... , base) | provenance | Config |
|
||||
| serverSide.js:123:9:123:15 | tainted | serverSide.js:127:14:127:20 | tainted | provenance | |
|
||||
| serverSide.js:123:9:123:15 | tainted | serverSide.js:130:37:130:43 | tainted | provenance | |
|
||||
| serverSide.js:123:19:123:42 | url.par ... , true) | serverSide.js:123:9:123:15 | tainted | provenance | |
|
||||
| serverSide.js:123:29:123:35 | req.url | serverSide.js:123:19:123:42 | url.par ... , true) | provenance | |
|
||||
| serverSide.js:130:9:130:13 | myUrl | serverSide.js:131:15:131:19 | myUrl | provenance | |
|
||||
| serverSide.js:130:37:130:43 | tainted | serverSide.js:130:9:130:13 | myUrl | provenance | |
|
||||
| serverSide.js:139:9:139:13 | input | serverSide.js:140:26:140:30 | input | provenance | |
|
||||
| serverSide.js:139:9:139:13 | input | serverSide.js:144:32:144:36 | input | provenance | |
|
||||
| serverSide.js:139:9:139:13 | input | serverSide.js:146:29:146:33 | input | provenance | |
|
||||
| serverSide.js:139:17:139:29 | req.query.url | serverSide.js:139:9:139:13 | input | provenance | |
|
||||
| serverSide.js:140:9:140:14 | target | serverSide.js:141:13:141:18 | target | provenance | |
|
||||
| serverSide.js:140:9:140:14 | target | serverSide.js:142:13:142:18 | target | provenance | |
|
||||
| serverSide.js:140:9:140:14 | target | serverSide.js:143:13:143:18 | target | provenance | |
|
||||
| serverSide.js:140:18:140:31 | new URL(input) | serverSide.js:140:9:140:14 | target | provenance | |
|
||||
| serverSide.js:140:26:140:30 | input | serverSide.js:140:18:140:31 | new URL(input) | provenance | Config |
|
||||
| serverSide.js:141:13:141:18 | target | serverSide.js:141:13:141:29 | target.toString() | provenance | |
|
||||
| serverSide.js:143:13:143:18 | target | serverSide.js:143:13:143:23 | target.href | provenance | |
|
||||
| serverSide.js:144:9:144:18 | encodedUrl | serverSide.js:145:13:145:22 | encodedUrl | provenance | |
|
||||
| serverSide.js:144:22:144:37 | encodeURI(input) | serverSide.js:144:9:144:18 | encodedUrl | provenance | |
|
||||
| serverSide.js:144:32:144:36 | input | serverSide.js:144:22:144:37 | encodeURI(input) | provenance | |
|
||||
| serverSide.js:146:9:146:18 | escapedUrl | serverSide.js:147:13:147:22 | escapedUrl | provenance | |
|
||||
| serverSide.js:146:22:146:34 | escape(input) | serverSide.js:146:9:146:18 | escapedUrl | provenance | |
|
||||
| serverSide.js:146:29:146:33 | input | serverSide.js:146:22:146:34 | escape(input) | provenance | |
|
||||
| serverSide.js:139:11:139:15 | input | serverSide.js:140:28:140:32 | input | provenance | |
|
||||
| serverSide.js:139:11:139:15 | input | serverSide.js:144:34:144:38 | input | provenance | |
|
||||
| serverSide.js:139:11:139:15 | input | serverSide.js:146:31:146:35 | input | provenance | |
|
||||
| serverSide.js:139:19:139:31 | req.query.url | serverSide.js:139:11:139:15 | input | provenance | |
|
||||
| serverSide.js:140:11:140:16 | target | serverSide.js:141:15:141:20 | target | provenance | |
|
||||
| serverSide.js:140:11:140:16 | target | serverSide.js:142:15:142:20 | target | provenance | |
|
||||
| serverSide.js:140:11:140:16 | target | serverSide.js:143:15:143:20 | target | provenance | |
|
||||
| serverSide.js:140:20:140:33 | new URL(input) | serverSide.js:140:11:140:16 | target | provenance | |
|
||||
| serverSide.js:140:28:140:32 | input | serverSide.js:140:20:140:33 | new URL(input) | provenance | Config |
|
||||
| serverSide.js:141:15:141:20 | target | serverSide.js:141:15:141:31 | target.toString() | provenance | |
|
||||
| serverSide.js:143:15:143:20 | target | serverSide.js:143:15:143:25 | target.href | provenance | |
|
||||
| serverSide.js:144:11:144:20 | encodedUrl | serverSide.js:145:15:145:24 | encodedUrl | provenance | |
|
||||
| serverSide.js:144:24:144:39 | encodeURI(input) | serverSide.js:144:11:144:20 | encodedUrl | provenance | |
|
||||
| serverSide.js:144:34:144:38 | input | serverSide.js:144:24:144:39 | encodeURI(input) | provenance | |
|
||||
| serverSide.js:146:11:146:20 | escapedUrl | serverSide.js:147:15:147:24 | escapedUrl | provenance | |
|
||||
| serverSide.js:146:24:146:36 | escape(input) | serverSide.js:146:11:146:20 | escapedUrl | provenance | |
|
||||
| serverSide.js:146:31:146:35 | input | serverSide.js:146:24:146:36 | escape(input) | provenance | |
|
||||
nodes
|
||||
| Request/app/api/proxy/route2.serverSide.ts:4:9:4:15 | { url } | semmle.label | { url } |
|
||||
| Request/app/api/proxy/route2.serverSide.ts:4:11:4:13 | url | semmle.label | url |
|
||||
@@ -183,18 +183,18 @@ nodes
|
||||
| serverSide2.js:9:43:9:56 | req._parsedUrl | semmle.label | req._parsedUrl |
|
||||
| serverSide2.js:10:25:10:31 | req.url | semmle.label | req.url |
|
||||
| serverSide2.js:11:24:11:30 | req.url | semmle.label | req.url |
|
||||
| serverSide2.js:16:11:16:19 | targetUrl | semmle.label | targetUrl |
|
||||
| serverSide2.js:16:23:16:41 | req.parsedQuery.url | semmle.label | req.parsedQuery.url |
|
||||
| serverSide2.js:17:38:17:46 | targetUrl | semmle.label | targetUrl |
|
||||
| serverSide2.js:19:11:19:20 | targetUrl1 | semmle.label | targetUrl1 |
|
||||
| serverSide2.js:19:24:19:51 | req.par ... rsedUrl | semmle.label | req.par ... rsedUrl |
|
||||
| serverSide2.js:20:39:20:48 | targetUrl1 | semmle.label | targetUrl1 |
|
||||
| serverSide2.js:22:11:22:20 | targetUrl2 | semmle.label | targetUrl2 |
|
||||
| serverSide2.js:22:24:22:30 | req.url | semmle.label | req.url |
|
||||
| serverSide2.js:23:39:23:48 | targetUrl2 | semmle.label | targetUrl2 |
|
||||
| serverSide2.js:25:11:25:20 | targetUrl3 | semmle.label | targetUrl3 |
|
||||
| serverSide2.js:25:24:25:41 | req.SomeObject.url | semmle.label | req.SomeObject.url |
|
||||
| serverSide2.js:26:39:26:48 | targetUrl3 | semmle.label | targetUrl3 |
|
||||
| serverSide2.js:16:9:16:17 | targetUrl | semmle.label | targetUrl |
|
||||
| serverSide2.js:16:21:16:39 | req.parsedQuery.url | semmle.label | req.parsedQuery.url |
|
||||
| serverSide2.js:17:36:17:44 | targetUrl | semmle.label | targetUrl |
|
||||
| serverSide2.js:19:9:19:18 | targetUrl1 | semmle.label | targetUrl1 |
|
||||
| serverSide2.js:19:22:19:49 | req.par ... rsedUrl | semmle.label | req.par ... rsedUrl |
|
||||
| serverSide2.js:20:37:20:46 | targetUrl1 | semmle.label | targetUrl1 |
|
||||
| serverSide2.js:22:9:22:18 | targetUrl2 | semmle.label | targetUrl2 |
|
||||
| serverSide2.js:22:22:22:28 | req.url | semmle.label | req.url |
|
||||
| serverSide2.js:23:37:23:46 | targetUrl2 | semmle.label | targetUrl2 |
|
||||
| serverSide2.js:25:9:25:18 | targetUrl3 | semmle.label | targetUrl3 |
|
||||
| serverSide2.js:25:22:25:39 | req.SomeObject.url | semmle.label | req.SomeObject.url |
|
||||
| serverSide2.js:26:37:26:46 | targetUrl3 | semmle.label | targetUrl3 |
|
||||
| serverSide.js:14:9:14:15 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:14:19:14:42 | url.par ... , true) | semmle.label | url.par ... , true) |
|
||||
| serverSide.js:14:29:14:35 | req.url | semmle.label | req.url |
|
||||
@@ -207,7 +207,7 @@ nodes
|
||||
| serverSide.js:28:36:28:42 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:30:13:30:43 | "http:/ ... tainted | semmle.label | "http:/ ... tainted |
|
||||
| serverSide.js:30:37:30:43 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:34:34:34:40 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:34:35:34:41 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:36:16:36:31 | new Uri(tainted) | semmle.label | new Uri(tainted) |
|
||||
| serverSide.js:36:24:36:30 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:37:22:37:37 | new Uri(tainted) | semmle.label | new Uri(tainted) |
|
||||
@@ -221,10 +221,10 @@ nodes
|
||||
| serverSide.js:58:9:58:15 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:58:19:58:42 | url.par ... , true) | semmle.label | url.par ... , true) |
|
||||
| serverSide.js:58:29:58:35 | req.url | semmle.label | req.url |
|
||||
| serverSide.js:61:29:61:35 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:61:29:61:35 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:64:30:64:36 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:68:30:68:36 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:61:33:61:39 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:61:33:61:39 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:64:37:64:43 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:68:37:68:43 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:74:9:74:15 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:74:19:74:42 | url.par ... , true) | semmle.label | url.par ... , true) |
|
||||
| serverSide.js:74:29:74:35 | req.url | semmle.label | req.url |
|
||||
@@ -239,13 +239,13 @@ nodes
|
||||
| serverSide.js:98:19:98:42 | url.par ... , true) | semmle.label | url.par ... , true) |
|
||||
| serverSide.js:98:29:98:35 | req.url | semmle.label | req.url |
|
||||
| serverSide.js:100:19:100:25 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:108:11:108:13 | url | semmle.label | url |
|
||||
| serverSide.js:108:17:108:27 | request.url | semmle.label | request.url |
|
||||
| serverSide.js:109:27:109:29 | url | semmle.label | url |
|
||||
| serverSide.js:115:11:115:13 | url | semmle.label | url |
|
||||
| serverSide.js:115:17:115:42 | new URL ... , base) | semmle.label | new URL ... , base) |
|
||||
| serverSide.js:115:25:115:35 | request.url | semmle.label | request.url |
|
||||
| serverSide.js:117:27:117:29 | url | semmle.label | url |
|
||||
| serverSide.js:108:15:108:17 | url | semmle.label | url |
|
||||
| serverSide.js:108:21:108:31 | request.url | semmle.label | request.url |
|
||||
| serverSide.js:109:31:109:33 | url | semmle.label | url |
|
||||
| serverSide.js:115:15:115:17 | url | semmle.label | url |
|
||||
| serverSide.js:115:21:115:46 | new URL ... , base) | semmle.label | new URL ... , base) |
|
||||
| serverSide.js:115:29:115:39 | request.url | semmle.label | request.url |
|
||||
| serverSide.js:117:31:117:33 | url | semmle.label | url |
|
||||
| serverSide.js:123:9:123:15 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:123:19:123:42 | url.par ... , true) | semmle.label | url.par ... , true) |
|
||||
| serverSide.js:123:29:123:35 | req.url | semmle.label | req.url |
|
||||
@@ -253,22 +253,22 @@ nodes
|
||||
| serverSide.js:130:9:130:13 | myUrl | semmle.label | myUrl |
|
||||
| serverSide.js:130:37:130:43 | tainted | semmle.label | tainted |
|
||||
| serverSide.js:131:15:131:19 | myUrl | semmle.label | myUrl |
|
||||
| serverSide.js:139:9:139:13 | input | semmle.label | input |
|
||||
| serverSide.js:139:17:139:29 | req.query.url | semmle.label | req.query.url |
|
||||
| serverSide.js:140:9:140:14 | target | semmle.label | target |
|
||||
| serverSide.js:140:18:140:31 | new URL(input) | semmle.label | new URL(input) |
|
||||
| serverSide.js:140:26:140:30 | input | semmle.label | input |
|
||||
| serverSide.js:141:13:141:18 | target | semmle.label | target |
|
||||
| serverSide.js:141:13:141:29 | target.toString() | semmle.label | target.toString() |
|
||||
| serverSide.js:142:13:142:18 | target | semmle.label | target |
|
||||
| serverSide.js:143:13:143:18 | target | semmle.label | target |
|
||||
| serverSide.js:143:13:143:23 | target.href | semmle.label | target.href |
|
||||
| serverSide.js:144:9:144:18 | encodedUrl | semmle.label | encodedUrl |
|
||||
| serverSide.js:144:22:144:37 | encodeURI(input) | semmle.label | encodeURI(input) |
|
||||
| serverSide.js:144:32:144:36 | input | semmle.label | input |
|
||||
| serverSide.js:145:13:145:22 | encodedUrl | semmle.label | encodedUrl |
|
||||
| serverSide.js:146:9:146:18 | escapedUrl | semmle.label | escapedUrl |
|
||||
| serverSide.js:146:22:146:34 | escape(input) | semmle.label | escape(input) |
|
||||
| serverSide.js:146:29:146:33 | input | semmle.label | input |
|
||||
| serverSide.js:147:13:147:22 | escapedUrl | semmle.label | escapedUrl |
|
||||
| serverSide.js:139:11:139:15 | input | semmle.label | input |
|
||||
| serverSide.js:139:19:139:31 | req.query.url | semmle.label | req.query.url |
|
||||
| serverSide.js:140:11:140:16 | target | semmle.label | target |
|
||||
| serverSide.js:140:20:140:33 | new URL(input) | semmle.label | new URL(input) |
|
||||
| serverSide.js:140:28:140:32 | input | semmle.label | input |
|
||||
| serverSide.js:141:15:141:20 | target | semmle.label | target |
|
||||
| serverSide.js:141:15:141:31 | target.toString() | semmle.label | target.toString() |
|
||||
| serverSide.js:142:15:142:20 | target | semmle.label | target |
|
||||
| serverSide.js:143:15:143:20 | target | semmle.label | target |
|
||||
| serverSide.js:143:15:143:25 | target.href | semmle.label | target.href |
|
||||
| serverSide.js:144:11:144:20 | encodedUrl | semmle.label | encodedUrl |
|
||||
| serverSide.js:144:24:144:39 | encodeURI(input) | semmle.label | encodeURI(input) |
|
||||
| serverSide.js:144:34:144:38 | input | semmle.label | input |
|
||||
| serverSide.js:145:15:145:24 | encodedUrl | semmle.label | encodedUrl |
|
||||
| serverSide.js:146:11:146:20 | escapedUrl | semmle.label | escapedUrl |
|
||||
| serverSide.js:146:24:146:36 | escape(input) | semmle.label | escape(input) |
|
||||
| serverSide.js:146:31:146:35 | input | semmle.label | input |
|
||||
| serverSide.js:147:15:147:24 | escapedUrl | semmle.label | escapedUrl |
|
||||
subpaths
|
||||
|
||||
@@ -10,7 +10,7 @@ import url from 'url';
|
||||
let XhrIo = goog.require('goog.net.XhrIo');
|
||||
let Uri = goog.require('goog.Uri');
|
||||
|
||||
var server = http.createServer(function(req, res) {
|
||||
var server = http.createServer(function (req, res) {
|
||||
var tainted = url.parse(req.url, true).query.url; // $ Source[js/request-forgery]
|
||||
|
||||
request("example.com");
|
||||
@@ -31,7 +31,7 @@ var server = http.createServer(function(req, res) {
|
||||
|
||||
request("http://example.com/?" + tainted);
|
||||
|
||||
http.get(relativeUrl, {host: tainted}); // $ Alert[js/request-forgery]
|
||||
http.get(relativeUrl, { host: tainted }); // $ Alert[js/request-forgery]
|
||||
|
||||
XhrIo.send(new Uri(tainted)); // $ Alert[js/request-forgery]
|
||||
new XhrIo().send(new Uri(tainted)); // $ Alert[js/request-forgery]
|
||||
@@ -54,23 +54,23 @@ var server = http.createServer(function(req, res) {
|
||||
})
|
||||
|
||||
var CDP = require("chrome-remote-interface");
|
||||
var server = http.createServer(async function(req, res) {
|
||||
var server = http.createServer(async function (req, res) {
|
||||
var tainted = url.parse(req.url, true).query.url; // $ Source[js/request-forgery]
|
||||
|
||||
var client = await CDP(options);
|
||||
client.Page.navigate({url: tainted}); // $ Alert[js/request-forgery]
|
||||
|
||||
CDP(options).catch((ignored) => {}).then((client) => {
|
||||
client.Page.navigate({url: tainted}); // $ Alert[js/request-forgery]
|
||||
})
|
||||
|
||||
CDP(options, (client) => {
|
||||
client.Page.navigate({url: tainted}); // $ Alert[js/request-forgery]
|
||||
});
|
||||
client.Page.navigate({ url: tainted }); // $ Alert[js/request-forgery]
|
||||
|
||||
CDP(options).catch((ignored) => { }).then((client) => {
|
||||
client.Page.navigate({ url: tainted }); // $ Alert[js/request-forgery]
|
||||
})
|
||||
|
||||
CDP(options, (client) => {
|
||||
client.Page.navigate({ url: tainted }); // $ Alert[js/request-forgery]
|
||||
});
|
||||
})
|
||||
|
||||
import {JSDOM} from "jsdom";
|
||||
var server = http.createServer(async function(req, res) {
|
||||
import { JSDOM } from "jsdom";
|
||||
var server = http.createServer(async function (req, res) {
|
||||
var tainted = url.parse(req.url, true).query.url; // $ Source[js/request-forgery]
|
||||
|
||||
JSDOM.fromURL(tainted); // $ Alert[js/request-forgery]
|
||||
@@ -93,8 +93,8 @@ router.get('/', async (ctx, next) => {
|
||||
});
|
||||
app.use(router.routes());
|
||||
|
||||
import {JSDOM} from "jsdom";
|
||||
var server = http.createServer(async function(req, res) {
|
||||
import { JSDOM } from "jsdom";
|
||||
var server = http.createServer(async function (req, res) {
|
||||
var tainted = url.parse(req.url, true).query.url; // $ Source[js/request-forgery]
|
||||
|
||||
new WebSocket(tainted); // $ Alert[js/request-forgery]
|
||||
@@ -103,23 +103,23 @@ var server = http.createServer(async function(req, res) {
|
||||
|
||||
import * as ws from 'ws';
|
||||
|
||||
new ws.Server({ port: 8080 }).on('connection', function(socket, request) {
|
||||
socket.on('message', function(message) {
|
||||
const url = request.url; // $ Source[js/request-forgery]
|
||||
const socket = new ws(url); // $ Alert[js/request-forgery]
|
||||
});
|
||||
new ws.Server({ port: 8080 }).on('connection', function (socket, request) {
|
||||
socket.on('message', function (message) {
|
||||
const url = request.url; // $ Source[js/request-forgery]
|
||||
const socket = new ws(url); // $ Alert[js/request-forgery]
|
||||
});
|
||||
});
|
||||
|
||||
new ws.Server({ port: 8080 }).on('connection', function (socket, request) {
|
||||
socket.on('message', function (message) {
|
||||
const url = new URL(request.url, base); // $ Source[js/request-forgery]
|
||||
const target = new URL(url.pathname, base);
|
||||
const socket = new ws(url); // $ Alert[js/request-forgery]
|
||||
});
|
||||
socket.on('message', function (message) {
|
||||
const url = new URL(request.url, base); // $ Source[js/request-forgery]
|
||||
const target = new URL(url.pathname, base);
|
||||
const socket = new ws(url); // $ Alert[js/request-forgery]
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
var server2 = http.createServer(function(req, res) {
|
||||
var server2 = http.createServer(function (req, res) {
|
||||
var tainted = url.parse(req.url, true).query.url; // $ Source[js/request-forgery]
|
||||
|
||||
axios({
|
||||
@@ -127,22 +127,22 @@ var server2 = http.createServer(function(req, res) {
|
||||
url: tainted // $ Sink[js/request-forgery]
|
||||
}) // $ Alert[js/request-forgery]
|
||||
|
||||
var myUrl = `${something}/bla/${tainted}`;
|
||||
var myUrl = `${something}/bla/${tainted}`;
|
||||
axios.get(myUrl); // $ Alert[js/request-forgery]
|
||||
|
||||
var myEncodedUrl = `${something}/bla/${encodeURIComponent(tainted)}`;
|
||||
var myEncodedUrl = `${something}/bla/${encodeURIComponent(tainted)}`;
|
||||
axios.get(myEncodedUrl);
|
||||
})
|
||||
|
||||
var server2 = http.createServer(function(req, res) {
|
||||
const { URL } = require('url');
|
||||
const input = req.query.url; // $Source[js/request-forgery]
|
||||
const target = new URL(input);
|
||||
axios.get(target.toString()); // $Alert[js/request-forgery]
|
||||
axios.get(target); // $Alert[js/request-forgery]
|
||||
axios.get(target.href); // $Alert[js/request-forgery]
|
||||
const encodedUrl = encodeURI(input);
|
||||
axios.get(encodedUrl); // $Alert[js/request-forgery]
|
||||
const escapedUrl = escape(input);
|
||||
axios.get(escapedUrl); // $Alert[js/request-forgery]
|
||||
var server2 = http.createServer(function (req, res) {
|
||||
const { URL } = require('url');
|
||||
const input = req.query.url; // $ Source[js/request-forgery]
|
||||
const target = new URL(input);
|
||||
axios.get(target.toString()); // $ Alert[js/request-forgery]
|
||||
axios.get(target); // $ Alert[js/request-forgery]
|
||||
axios.get(target.href); // $ Alert[js/request-forgery]
|
||||
const encodedUrl = encodeURI(input);
|
||||
axios.get(encodedUrl); // $ Alert[js/request-forgery]
|
||||
const escapedUrl = escape(input);
|
||||
axios.get(escapedUrl); // $ Alert[js/request-forgery]
|
||||
});
|
||||
|
||||
@@ -6,22 +6,22 @@ const app = express();
|
||||
const PORT = 3000;
|
||||
|
||||
app.use((req, res, next) => {
|
||||
req.parsedQueryFromParsedUrl = qs.parse(req._parsedUrl.query); // $Source[js/request-forgery]
|
||||
req.parsedQuery.url = req.url || {}; // $Source[js/request-forgery]
|
||||
req.SomeObject.url = req.url; // $Source[js/request-forgery]
|
||||
req.parsedQueryFromParsedUrl = qs.parse(req._parsedUrl.query); // $ Source[js/request-forgery]
|
||||
req.parsedQuery.url = req.url || {}; // $ Source[js/request-forgery]
|
||||
req.SomeObject.url = req.url; // $ Source[js/request-forgery]
|
||||
next();
|
||||
});
|
||||
|
||||
app.get('/proxy', async (req, res) => {
|
||||
const targetUrl = req.parsedQuery.url;
|
||||
const response = await axios.get(targetUrl); // $Alert[js/request-forgery]
|
||||
const targetUrl = req.parsedQuery.url;
|
||||
const response = await axios.get(targetUrl); // $ Alert[js/request-forgery]
|
||||
|
||||
const targetUrl1 = req.parsedQueryFromParsedUrl.url;
|
||||
const response1 = await axios.get(targetUrl1); // $Alert[js/request-forgery]
|
||||
|
||||
const targetUrl2 = req.url || {}; // $Source[js/request-forgery]
|
||||
const response2 = await axios.get(targetUrl2); // $Alert[js/request-forgery]
|
||||
const targetUrl1 = req.parsedQueryFromParsedUrl.url;
|
||||
const response1 = await axios.get(targetUrl1); // $ Alert[js/request-forgery]
|
||||
|
||||
const targetUrl3 = req.SomeObject.url || {};
|
||||
const response3 = await axios.get(targetUrl3); // $Alert[js/request-forgery]
|
||||
const targetUrl2 = req.url || {}; // $ Source[js/request-forgery]
|
||||
const response2 = await axios.get(targetUrl2); // $ Alert[js/request-forgery]
|
||||
|
||||
const targetUrl3 = req.SomeObject.url || {};
|
||||
const response3 = await axios.get(targetUrl3); // $ Alert[js/request-forgery]
|
||||
});
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
| tst.js:4:27:4:44 | parts.splice(i, 1) | Removing an array item without adjusting the loop index 'i' causes the subsequent array item to be skipped. |
|
||||
| tst.js:13:29:13:46 | parts.splice(i, 1) | Removing an array item without adjusting the loop index 'i' causes the subsequent array item to be skipped. |
|
||||
| tst.js:24:9:24:26 | parts.splice(i, 1) | Removing an array item without adjusting the loop index 'i' causes the subsequent array item to be skipped. |
|
||||
| tst.js:128:11:128:33 | pending ... e(i, 1) | Removing an array item without adjusting the loop index 'i' causes the subsequent array item to be skipped. |
|
||||
| tst.js:153:11:153:26 | toc.splice(i, 1) | Removing an array item without adjusting the loop index 'i' causes the subsequent array item to be skipped. |
|
||||
| tst.js:128:7:128:29 | pending ... e(i, 1) | Removing an array item without adjusting the loop index 'i' causes the subsequent array item to be skipped. |
|
||||
| tst.js:153:12:153:27 | toc.splice(i, 1) | Removing an array item without adjusting the loop index 'i' causes the subsequent array item to be skipped. |
|
||||
|
||||
@@ -33,8 +33,8 @@ function decrementAfter(string) {
|
||||
let parts = string.split('/');
|
||||
for (let i = 0; i < parts.length; ++i) {
|
||||
if (parts[i] === 'X') {
|
||||
parts.splice(i, 1);
|
||||
--i;
|
||||
parts.splice(i, 1);
|
||||
--i;
|
||||
}
|
||||
}
|
||||
return parts.join('/');
|
||||
@@ -44,7 +44,7 @@ function postDecrementArgument(string) {
|
||||
let parts = string.split('/');
|
||||
for (let i = 0; i < parts.length; ++i) {
|
||||
if (parts[i] === 'X') {
|
||||
parts.splice(i--, 1);
|
||||
parts.splice(i--, 1);
|
||||
}
|
||||
}
|
||||
return parts.join('/');
|
||||
@@ -55,8 +55,8 @@ function breakAfter(string) {
|
||||
let parts = string.split('/');
|
||||
for (let i = 0; i < parts.length; ++i) {
|
||||
if (parts[i] === 'X') {
|
||||
parts.splice(i, 1); // OK - only removes first occurrence
|
||||
break;
|
||||
parts.splice(i, 1); // OK - only removes first occurrence
|
||||
break;
|
||||
}
|
||||
}
|
||||
return parts.join('/');
|
||||
@@ -66,7 +66,7 @@ function insertNewElements(string) {
|
||||
let parts = string.split('/');
|
||||
for (let i = 0; i < parts.length; ++i) {
|
||||
if (parts[i] === 'X') {
|
||||
parts.splice(i, 1, '.'); // OK - no shifting due to insert
|
||||
parts.splice(i, 1, '.'); // OK - no shifting due to insert
|
||||
}
|
||||
}
|
||||
return parts.join('/');
|
||||
@@ -89,7 +89,7 @@ function spliceAfterLoopNested(string) {
|
||||
for (let j = 0; j < parts.length; ++j) {
|
||||
let i = j;
|
||||
for (; i < parts.length; ++i) {
|
||||
if (parts[i] === 'X') break;
|
||||
if (parts[i] === 'X') break;
|
||||
}
|
||||
parts.splice(i, 1); // OK - not inside 'i' loop
|
||||
}
|
||||
@@ -124,10 +124,10 @@ function inspectNextElement(string) {
|
||||
|
||||
function withTryCatch(pendingCSS) {
|
||||
for (let i = 0; i < pendingCSS.length; ++i) {
|
||||
try {
|
||||
pendingCSS.splice(i, 1); // $ SPURIOUS:Alert
|
||||
i -= 1;
|
||||
} catch (ex) {}
|
||||
try {
|
||||
pendingCSS.splice(i, 1); // $ SPURIOUS:Alert
|
||||
i -= 1;
|
||||
} catch (ex) { }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -139,9 +139,9 @@ function andOperand(toc) {
|
||||
|
||||
function ifStatement(toc) {
|
||||
for (let i = 0; i < toc.length; i++) {
|
||||
if(toc[i].ignoreSubHeading){
|
||||
if(toc.splice(i, 1)){
|
||||
i--;
|
||||
if (toc[i].ignoreSubHeading) {
|
||||
if (toc.splice(i, 1)) {
|
||||
i--;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -149,8 +149,8 @@ function ifStatement(toc) {
|
||||
|
||||
function ifStatement2(toc) {
|
||||
for (let i = 0; i < toc.length; i++) {
|
||||
if(toc[i].ignoreSubHeading){
|
||||
if(!toc.splice(i, 1)){ // $Alert
|
||||
if (toc[i].ignoreSubHeading) {
|
||||
if (!toc.splice(i, 1)) { // $ Alert
|
||||
i--;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user