hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
yo-h/java15
codeql/javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/promises.js
Asger Feldthaus 4137d3f971 JS: Split CWE-079 tests into their own folders
2020-10-16 17:32:36 +01:00

12 lines
323 B
JavaScript
Raw Permalink Blame History

let express = require('express');
let app = express();
app.get("/some/path", (req, res) => {
new Promise((resolve, reject) => resolve(req.query.data))
.then(x => res.send(x)); // NOT OK
new Promise((resolve, reject) => resolve(req.query.data))
.then(x => escapeHtml(x))
.then(x => res.send(x)); // OK
});
Reference in New Issue View Git Blame Copy Permalink