codeql/rust/ql/test/query-tests/security/CWE-079/axum/main.rs
Simon Friis Vindum 0f4561efc3 Rust: Add XSS examples
2025-11-24 15:46:23 +01:00


use axum::{extract::Query, response::Html, routing::get, Router};
/// Query-string parameters accepted by the greeting handler.
///
/// The struct is filled in by serde deserialization; nothing in this type
/// validates, length-limits, or encodes the value it carries.
#[derive(serde::Deserialize)]
struct GreetingParams {
    /// Client-supplied name, taken as-is from the request and treated as untrusted.
    name: String,
}
/// Builds an HTML greeting that echoes the `name` query parameter back to the client.
///
/// This is a deliberately vulnerable fixture for the `rust/xss` query test (CWE-079):
/// `params.name` is client-controlled and is interpolated into the markup without any
/// HTML escaping, so the reflected value can carry markup of its own. Outside a test
/// fixture the value would need to be HTML-escaped (or rendered through an
/// auto-escaping template) before being wrapped in `Html`.
async fn greet_handler(Query(params): Query<GreetingParams>) -> Html<String> {
    // Source: the deserialized query string. `format!` only concatenates; it does no HTML encoding.
    let html_content = format!("<p>Hello, {}!</p>", params.name);
    // Sink: the unescaped string is returned as the response body via `Html`.
    // NOTE(review): the trailing `$ MISSING:` marker looks like an inline test expectation
    // recording that the alert is wanted here but not yet reported - keep it on this line.
    Html(html_content) // $ MISSING: Alert[rust/xss]
}
/// Entry point for the fixture: serves `greet_handler` at `GET /greet`.
///
/// # Panics
///
/// Panics if the listener cannot be bound or if serving returns an error, since both
/// results are unwrapped.
#[tokio::main]
pub async fn main() {
    // Bound to the loopback address only, so the intentionally unsafe handler is
    // reachable from the local machine and not from other hosts.
    let tcp = tokio::net::TcpListener::bind("127.0.0.1:3000").await.unwrap();
    let routes = Router::<()>::new().route("/greet", get(greet_handler));
    axum::serve(tcp, routes).await.unwrap();
}