hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.20.5
codeql/javascript/ql/test/query-tests/Security/CWE-352/tst.js
Asger Feldthaus 389a3c9073 JS: Port CSRF query
2021-12-07 10:43:06 +01:00

23 lines
436 B
JavaScript
Raw Permalink Blame History

const express = require('express')
const cookieParser = require('cookie-parser')
const csrf = require('csurf')
const app = express()
app.use(cookieParser())
app.post('/unsafe', (req, res) => { // NOT OK
req.cookies.x;
});
function middlewares() {
return express.Router()
.use(csrf({ cookie: true}))
.use('/', express.bodyParser());
}
app.use(middlewares());
app.post('/safe', (req, res) => { // OK
req.cookies.x;
});
Reference in New Issue View Git Blame Copy Permalink