hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
tausbn/python-add-models-for-zstd-compression
codeql/javascript/ql/test/query-tests/Security/CWE-807/tst-different-kinds-comparison-bypass.js

26 lines
742 B
JavaScript
Raw Permalink Blame History

var express = require('express');
var app = express();
app.get('/user/:id', function(req, res) {
req.query.userId == req.cookies.userId; // $ Alert[js/different-kinds-comparison-bypass]
req.query.userId1 == req.query.userId2; // OK - same kind of source
req.url == req.body; // $ Alert[js/different-kinds-comparison-bypass]
check(req.query.userId, req.cookies.userId);
function check(a, b) {
a == b; // $ Alert[js/different-kinds-comparison-bypass]
}
// CSRF protection
req.cookies.csrf == req.query.csrf;
req.cookies.csrfToken == req.query.csrfToken;
req.cookies.state == req.query.state;
req.cookies.authState == req.query.authState;
req.cookies.token == req.query.token;
});
Reference in New Issue View Git Blame Copy Permalink