codeql/javascript/ql/test/query-tests/Security/CWE-918/apollo.serverSide.ts
2025-04-23 15:41:41 +02:00


import { ApolloServer } from '@apollo/server';
import { get } from 'https';
/**
 * CodeQL test fixture for the js/request-forgery query (CWE-918, server-side
 * request forgery). The code is intentionally vulnerable; do not reuse it.
 *
 * Builds two identical resolver maps and hands one to `ApolloServer` directly
 * and the other to a subclass of `ApolloServer`. Both server instances are
 * only constructed here; they are never started or returned.
 *
 * NOTE(review): the trailing `// $ Source[...]` / `// $ Alert[...]` comments
 * look like the test's inline expectations; keep them on the lines they annotate.
 *
 * @param typeDefs GraphQL schema definitions, passed through to both servers.
 */
function createApolloServer(typeDefs) {
// Case 1: resolvers given to ApolloServer itself.
const resolvers = {
Mutation: {
// `files` is destructured from the resolver's second argument (the mutation
// arguments), so every `file.url` below is chosen by the API client.
downloadFiles: async (_, { files }) => { // $ Source[js/request-forgery]
// Each client-supplied URL goes straight into https.get with no validation:
// the server will contact whatever host the caller names. The response
// callback is empty and nothing is awaited. A production resolver would
// check scheme and host against an allowlist and refuse internal or
// link-local destinations before fetching.
files.forEach((file) => { get(file.url, (res) => {}); }); // $ Alert[js/request-forgery]
return true;
},
},
};
const server = new ApolloServer({typeDefs, resolvers});
// Case 2: the same resolver shape, but registered through a subclass of
// ApolloServer — presumably to confirm the query also treats subclass
// instances as GraphQL servers.
const resolvers2 = {
Mutation: {
// Same client-controlled `files` argument as in case 1.
downloadFiles: async (_, { files }) => { // $ Source[js/request-forgery]
// Same unvalidated flow from `file.url` into https.get.
files.forEach((file) => { get(file.url, (res) => {}); }); // $ Alert[js/request-forgery]
return true;
},
},
};
// Empty subclass: adds no behaviour of its own.
class CustomApollo extends ApolloServer {}
const srv = new CustomApollo({typeDefs, resolvers: resolvers2});
}