hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-079/ReflectedXss/partial.js
Asger F 64d39da5f8 JS: Accept Sources/Sink tags
2025-02-28 13:29:30 +01:00

56 lines
1.3 KiB
JavaScript
Raw Blame History

let express = require('express');
let underscore = require('underscore');
let lodash = require('lodash');
let R = require('ramda');
let app = express();
app.get("/some/path", (req, res) => {
function sendResponse(x, y) {
res.send(x + y); // $ Alert
}
let callback = sendResponse.bind(null, req.url); // $ Source
[1, 2, 3].forEach(callback);
});
app.get("/underscore", (req, res) => {
function sendResponse(x, y) {
res.send(x + y); // $ Alert
}
let callback = underscore.partial(sendResponse, req.url); // $ Source
[1, 2, 3].forEach(callback);
});
app.get("/lodash", (req, res) => {
function sendResponse(x, y) {
res.send(x + y); // $ Alert
}
let callback = lodash.partial(sendResponse, req.url); // $ Source
[1, 2, 3].forEach(callback);
});
app.get("/ramda", (req, res) => {
function sendResponse(x, y) {
res.send(x + y); // $ Alert
}
let callback = R.partial(sendResponse, [req.url]); // $ Source
[1, 2, 3].forEach(callback);
});
app.get("/return", (req, res) => {
function getFirst(x, y) {
return x;
}
let callback = getFirst.bind(null, req.url);
res.send(callback); // OK - the callback itself is not tainted
res.send(callback()); // $ MISSING: Alert - not currently detected
res.send(getFirst("Hello")); // OK - argument is not tainted from this call site
});
Reference in New Issue View Git Blame Copy Permalink