mirror of
https://github.com/github/codeql.git
synced 2025-12-17 09:13:20 +01:00
23 lines
452 B
JavaScript
23 lines
452 B
JavaScript
const express = require('express')
|
|
const cookieParser = require('cookie-parser')
|
|
const csrf = require('csurf')
|
|
|
|
const app = express()
|
|
app.use(cookieParser()) // $ Alert
|
|
|
|
app.post('/unsafe', (req, res) => {
|
|
req.cookies.x;
|
|
}); // $ RelatedLocation
|
|
|
|
function middlewares() {
|
|
return express.Router()
|
|
.use(csrf({ cookie: true}))
|
|
.use('/', express.bodyParser());
|
|
}
|
|
|
|
app.use(middlewares());
|
|
|
|
app.post('/safe', (req, res) => {
|
|
req.cookies.x;
|
|
});
|