hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
alexet/avoid-path-node-java
codeql/javascript/ql/test/query-tests/Security/CWE-400/RemotePropertyInjection/tstNonExpr.js
Napalys Klicius 10c10c7d30 JS: fixed typo in folder name
2025-08-27 10:17:39 +00:00

11 lines
286 B
JavaScript
Raw Permalink Blame History

var http = require('http');
var url = require('url');
var server = http.createServer(function(req, res) {
var userVal = req.url; // $ Source
var newProp = "$" + userVal;
x[newProp] = 23;
res.setHeader(userVal, 'text/html'); // $ Alert
res.write("foo");
res.end("bar");
})
Reference in New Issue View Git Blame Copy Permalink