Merge pull request #891 from xiemaisi/js/simplify-sensitive-actions

Approved by esben-semmle

javascript/ql/src/Security/CWE-312/CleartextStorage.qhelp

@@ -35,8 +35,7 @@ causing logged sensitive information to be stored as well.
 
 <example>
 <p>
-The following example code stores user credentials (in this case, their account
-name) in a cookie in plain text:
+The following example code stores user credentials (in this case, their password) in a cookie in plain text:
 </p>
 <sample src="examples/CleartextStorage.js"/>
 <p>

javascript/ql/src/Security/CWE-312/examples/CleartextStorage.js

@@ -1,8 +1,8 @@
 var express = require('express');
 
 var app = express();
-app.get('/', function (req, res) {
-  let accountName = req.param("AccountName");
+app.get('/remember-password', function (req, res) {
+  let pw = req.param("current_password");
   // BAD: Setting a cookie value with cleartext sensitive data.
-  res.cookie("AccountName", accountName);
+  res.cookie("password", pw);
 });

javascript/ql/src/Security/CWE-312/examples/CleartextStorageGood.js

@@ -8,8 +8,8 @@ function encrypt(text){
 }
 
 var app = express();
-app.get('/', function (req, res) {
-  let accountName = req.param("AccountName");
+app.get('/remember-password', function (req, res) {
+  let pw = req.param("current_password");
   // GOOD: Encoding the value before setting it.
-  res.cookie("AccountName", encrypt(accountName));
+  res.cookie("password", encrypt(pw));
 });