mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
cd2c4d5e3a
This query flags the cookie-parsing middleware in order to consolidate huge numbers of alerts into a single alert, which is more manageable. But simply annotating the cookie-parsing middleware with 'Alert' isn't a very useful, we want to annotate which middlewares are vulnerable.
35 lines
1.0 KiB
JavaScript
35 lines
1.0 KiB
JavaScript
// Adapted from https://github.com/expressjs/csurf, which is
|
|
// licensed under the MIT license; see file LICENSE.
|
|
|
|
var cookieParser = require('cookie-parser')
|
|
var csrf = require('csurf')
|
|
var bodyParser = require('body-parser')
|
|
var express = require('express')
|
|
|
|
// setup route middlewares
|
|
var csrfProtection = csrf({ cookie: true })
|
|
var parseForm = bodyParser.urlencoded({ extended: false })
|
|
|
|
// create express app
|
|
var app = express()
|
|
|
|
// parse cookies
|
|
// we need this because "cookie" is true in csrfProtection
|
|
app.use(cookieParser()) // $ Alert
|
|
|
|
app.get('/form', csrfProtection, function (req, res) { // OK
|
|
let newEmail = req.cookies["newEmail"];
|
|
// pass the csrfToken to the view
|
|
res.render('send', { csrfToken: req.csrfToken() })
|
|
})
|
|
|
|
app.post('/process', parseForm, csrfProtection, function (req, res) { // OK
|
|
let newEmail = req.cookies["newEmail"];
|
|
res.send('data is being processed')
|
|
})
|
|
|
|
app.post('/process_unsafe', parseForm, function (req, res) {
|
|
let newEmail = req.cookies["newEmail"];
|
|
res.send('data is being processed')
|
|
}) // $ RelatedLocation
|