hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
54493eb99086c43c75d80ded8fa6b8ada24bf6b4
codeql/javascript/ql/test/query-tests/Security/CWE-022/tainted-sendFile.js
Asger F 6f109a742f JS: add a test case for res.sendfile
2018-09-21 11:04:33 +01:00

11 lines
264 B
JavaScript
Raw Blame History

var express = require('express');
var app = express();
app.get('/some/path', function(req, res) {
// BAD: sending a file based on un-sanitized query parameters
res.sendFile(req.param("gimme"));
// BAD: same as above
res.sendfile(req.param("gimme"));
});
Reference in New Issue View Git Blame Copy Permalink