hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
sauyon/java-spring-stringutils
codeql/javascript/ql/test/query-tests/Security/CWE-807/example_bypass.js
Esben Sparre Andreasen 34a09ff522 JS: add js/conditional-bypass example as a test case
2020-12-22 09:34:25 +01:00

25 lines
626 B
JavaScript
Raw Permalink Blame History

var express = require('express');
var app = express();
// ...
app.get('/full-profile/:userId', function(req, res) {
if (req.cookies.loggedInUserId !== req.params.userId) { // NOT OK
// BAD: login decision made based on user controlled data
requireLogin();
} else {
// ... show private information
}
});
app.get('/full-profile/:userId', function(req, res) {
if (req.signedCookies.loggedInUserId !== req.params.userId) { // OK
// GOOD: login decision made based on server controlled data
requireLogin();
} else {
// ... show private information
}
});
Reference in New Issue View Git Blame Copy Permalink