Skip to content

Commit 0187e9a

Browse files
asgerfasgerf
authored
Merge pull request github#8808 from vovikhangcdv/doublevkay/fixing-PrototypePollutngAssignment-examples
Javascript: Fix PrototypePollutingAssignment example which is incorrect use of express leads to no result when scanning.
2 parents be5363e + f4581ae commit 0187e9a

File tree

2 files changed

+4
-2
lines changed

2 files changed

+4
-2
lines changed

javascript/ql/src/Security/CWE-915/examples/PrototypePollutingAssignment.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
let express = require('express');
2+
let app = express()
23

3-
express.put('/todos/:id', (req, res) => {
4+
app.put('/todos/:id', (req, res) => {
45
let id = req.params.id;
56
let items = req.session.todos[id];
67
if (!items) {

javascript/ql/src/Security/CWE-915/examples/PrototypePollutingAssignmentFixed.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
let express = require('express');
2+
let app = express()
23

3-
express.put('/todos/:id', (req, res) => {
4+
app.put('/todos/:id', (req, res) => {
45
let id = req.params.id;
56
let items = req.session.todos.get(id);
67
if (!items) {

0 commit comments

Comments
 (0)