hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage2.js
Asger F 64d39da5f8 JS: Accept Sources/Sink tags
2025-02-28 13:29:30 +01:00

11 lines
377 B
JavaScript
Raw Blame History

var https = require('https');
var url = require('url');
var server = https.createServer(function(req, res) {
let pw = url.parse(req.url, true).query.current_password; // $ Source[js/clear-text-storage-of-sensitive-data]
res.writeHead(200, {
'Set-Cookie': 'password=' + pw, // $ Alert[js/clear-text-storage-of-sensitive-data]
'Content-Type': 'text/plain'
});
});
Reference in New Issue View Git Blame Copy Permalink