mirror of
https://github.com/github/codeql.git
synced 2026-04-24 16:25:15 +02:00
Apply suggestions from code review
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
@@ -7,6 +7,6 @@ const ROOT = "/var/www/";
|
||||
var server = http.createServer(function(req, res) {
|
||||
let filePath = url.parse(req.url, true).query.path;
|
||||
|
||||
// BAD: This could read any file on the file system
|
||||
// BAD: This function uses unsanitized input that can read any file on the file system.
|
||||
res.write(fs.readFileSync(ROOT + filePath, 'utf8'));
|
||||
});
|
||||
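Review bot: The reworded comment above the `res.write(...)` call says the unsanitized input "can read any file", but the input reads nothing; the handler does. It reads a path taken from the request's query string and concatenated onto `ROOT` with no normalisation or containment check. Naming that cause tells the reader what to fix, for instance `// BAD: The query parameter is appended to ROOT without validation, so the resolved path may lie outside ROOT.`. A matching GOOD example would presumably resolve the path and confirm it is still under `ROOT` before reading, but none is visible in this hunk.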