mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
cd2c4d5e3a
This query flags the cookie-parsing middleware in order to consolidate huge numbers of alerts into a single alert, which is more manageable. But simply annotating the cookie-parsing middleware with 'Alert' isn't a very useful, we want to annotate which middlewares are vulnerable.
39 lines
724 B
JavaScript
39 lines
724 B
JavaScript
const fastify = require('fastify')
|
|
const fp = require('fastify-plugin');
|
|
|
|
const app = fastify();
|
|
|
|
function plugin(app) {
|
|
app.register(require('fastify-cookie')); // $ Alert
|
|
app.register(require('fastify-csrf'));
|
|
}
|
|
app.register(fp(plugin));
|
|
|
|
app.route({
|
|
method: 'GET',
|
|
path: '/getter',
|
|
handler: async (req, reply) => { // OK
|
|
return 'hello';
|
|
}
|
|
})
|
|
|
|
// unprotected route
|
|
app.route({
|
|
method: 'POST',
|
|
path: '/',
|
|
handler: async (req, reply) => { // lacks CSRF protection
|
|
req.session.blah;
|
|
return req.body
|
|
} // $ RelatedLocation
|
|
})
|
|
|
|
|
|
app.route({
|
|
method: 'POST',
|
|
path: '/',
|
|
onRequest: app.csrfProtection,
|
|
handler: async (req, reply) => { // OK - has CSRF protection
|
|
return req.body
|
|
}
|
|
})
|