codeql/javascript/ql/test/query-tests/Security/CWE-079/xss-through-filenames.js
Esben Sparre Andreasen 33f98dd1a7 JS: add query: js/stored-xss
2018-09-14 15:30:44 +02:00


var http = require('http');
var fs = require('fs');
var express = require('express');
// Express route for GET '/': lists "/myDir" and sends the raw filename array
// as the response body. The `error` callback argument is never checked.
// Filenames read from the filesystem are treated as stored, externally
// influenced data here, and they reach the client without any escaping;
// the `// NOT OK` marker presumably records the alert the js/stored-xss
// query (see the commit title) is expected to raise at this sink.
express().get('/', function(req, res) {
  fs.readdir("/myDir", function (error, files1) {
    res.send(files1); // NOT OK
  });
});
/**
 * The essence of a real-world vulnerability.
 */
// Plain Node http server exercising the same filename-to-response flow, but
// through intermediate copies and an HTML formatting step. The server is
// created but never `.listen`ed: this file is a query-test fixture (see the
// path in the page header), not runnable code.
http.createServer(function (req, res) {
  // Builds an HTML list from the filenames by string concatenation; `file`
  // is inserted into the `<li>` markup with no HTML escaping.
  // NOTE(review): `sort` is not defined anywhere in this file. Presumably a
  // free comparator reference kept so the flow is tracked through `.sort()`;
  // confirm against the test's expected output.
  function format(files2) {
    var files3 = [];
    files2.sort(sort).forEach(function (file) {
      files3.push('<li>' + file + '</li>');
    });
    return files3.join('');
  }
  fs.readdir("/myDir", function (error, files1) {
    // `error` is never checked. Each `// NOT OK` line below is a sink the
    // js/stored-xss query is presumably expected to flag: the raw listing,
    // an element-wise copy of it, and the formatted HTML built from the copy.
    res.write(files1); // NOT OK
    // `dirs` is declared but never used in this file.
    var dirs = [];
    var files2 = [];
    // Element-wise copy of files1, so the same data reaches the next sink
    // through an intermediate array rather than directly.
    files1.forEach(function (file) {
      files2.push(file);
    });
    res.write(files2); // NOT OK
    var files3 = format(files2);
    res.write(files3); // NOT OK
  });
});