remove ldap examples from experimental folder

2026-04-30 19:26:02 +02:00 · 2021-09-30 13:34:06 +02:00
parent c55b7bcd85
commit bcf4626fd0
4 changed files with 0 additions and 97 deletions
--- a/javascript/ql/src/experimental/Security/CWE-090/examples/example_bad1.js
+++ b/javascript/ql/src/experimental/Security/CWE-090/examples/example_bad1.js
@@ -1,21 +0,0 @@
-const http = require('http');
-const url = require('url');
-const ldap = require('ldapjs');
-const client = ldap.createClient({
-    url: 'ldap://127.0.0.1:1389'
-});
-
-const server = http.createServer((req, res) => {
-    let q = url.parse(req.url, true);
-
-    let username = q.query.username;
-
-    var opts = {
-        // BAD
-        filter: `(|(name=${username})(username=${username}))`
-    };
-
-    client.search('o=example', opts, function (err, res) {
-
-    });
-});
--- a/javascript/ql/src/experimental/Security/CWE-090/examples/example_bad2.js
+++ b/javascript/ql/src/experimental/Security/CWE-090/examples/example_bad2.js
@@ -1,16 +0,0 @@
-const http = require('http');
-const url = require('url');
-const ldap = require('ldapjs');
-const client = ldap.createClient({
-    url: 'ldap://127.0.0.1:1389'
-});
-
-const server = http.createServer((req, res) => {
-    let q = url.parse(req.url, true);
-
-    let username = q.query.username;
-
-    // BAD
-    client.search('o=example', { filter: `(|(name=${username})(username=${username}))` }, function (err, res) {
-    });
-});
--- a/javascript/ql/src/experimental/Security/CWE-090/examples/example_good1.js
+++ b/javascript/ql/src/experimental/Security/CWE-090/examples/example_good1.js
@@ -1,31 +0,0 @@
-const http = require('http');
-const url = require('url');
-const ldap = require('ldapjs');
-const client = ldap.createClient({
-    url: 'ldap://127.0.0.1:1389'
-});
-
-
-// https://github.com/vesse/node-ldapauth-fork/commit/3feea43e243698bcaeffa904a7324f4d96df60e4
-const sanitizeInput = function (input) {
-    return input
-        .replace(/\*/g, '\\2a')
-        .replace(/\(/g, '\\28')
-        .replace(/\)/g, '\\29')
-        .replace(/\\/g, '\\5c')
-        .replace(/\0/g, '\\00')
-        .replace(/\//g, '\\2f');
-};
-
-const server = http.createServer((req, res) => {
-    let q = url.parse(req.url, true);
-
-    let username = q.query.username;
-
-    // GOOD
-    username = sanitizeInput(username);
-
-    client.search('o=example', { filter: `(|(name=${username})(username=${username}))` }, function (err, res) {
-    });
-
-});
--- a/javascript/ql/src/experimental/Security/CWE-090/examples/example_good2.js
+++ b/javascript/ql/src/experimental/Security/CWE-090/examples/example_good2.js
@@ -1,29 +0,0 @@
-const http = require('http');
-const url = require('url');
-const ldap = require('ldapjs');
-const client = ldap.createClient({
-    url: 'ldap://127.0.0.1:1389'
-});
-
-const server = http.createServer((req, res) => {
-    let q = url.parse(req.url, true);
-
-    let username = q.query.username;
-
-    // GOOD (https://github.com/ldapjs/node-ldapjs/issues/181)
-    let f = new OrFilter({
-        filters: [
-            new EqualityFilter({
-                attribute: 'name',
-                value: username
-            }),
-            new EqualityFilter({
-                attribute: 'username',
-                value: username
-            })
-        ]
-    });
-
-    client.search('o=example', { filter: f }, function (err, res) {
-    });
-});