hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
sauyon/java-spring-stringutils
codeql/javascript/ql/test/query-tests/Security/CWE-918/clientSideParam.js
Asger Feldthaus 2e57a7d3e9 JS: Add ClientSideRemoteFlowSource
2021-03-16 13:28:09 +00:00

11 lines
359 B
JavaScript
Raw Permalink Blame History

import * as React from "react";
import { useParams } from "react-router-dom";
import request from 'request';
export function MyComponent() {
const params = useParams();
request('https://example.com/api/' + params.foo + '/id'); // OK - cannot manipulate path using `../`
request(params.foo); // Possibly problematic, but not currently flagged.
}
Reference in New Issue View Git Blame Copy Permalink