File tree 1 file changed +4
-4
lines changed
javascript/ql/test/query-tests/Security/CWE-611
1 file changed +4
-4
lines changed Original file line number Diff line number Diff line change @@ -2,14 +2,14 @@ const express = require('express');
22const libxmljs = require ( 'libxmljs' ) ;
33
44express ( ) . get ( '/some/path' , function ( req ) {
5- libxmljs . parseXml ( req . param ( "some-xml" ) , { noent : true } ) ; // $ Alert // $ Alert - unguarded entity expansion
5+ libxmljs . parseXml ( req . param ( "some-xml" ) , { noent : true } ) ; // $ Alert - unguarded entity expansion
66} ) ;
77
88express ( ) . post ( '/some/path' , function ( req , res ) {
9- libxmljs . parseXml ( req . param ( "some-xml" ) , { noent : true } ) ; // $ Alert // $ Alert - unguarded entity expansion
9+ libxmljs . parseXml ( req . param ( "some-xml" ) , { noent : true } ) ; // $ Alert - unguarded entity expansion
1010
11- libxmljs . parseXmlString ( req . param ( "some-xml" ) , { noent : true } ) // $ Alert // $ Alert - unguarded entity expansion
12- libxmljs . parseXmlString ( req . files . products . data . toString ( 'utf8' ) , { noent : true } ) // $ Alert // $ Alert - unguarded entity expansion
11+ libxmljs . parseXmlString ( req . param ( "some-xml" ) , { noent : true } ) // $ Alert - unguarded entity expansion
12+ libxmljs . parseXmlString ( req . files . products . data . toString ( 'utf8' ) , { noent : true } ) // $ Alert - unguarded entity expansion
1313
1414 // OK - no entity expansion
1515 libxmljs . parseXmlString ( req . files . products . data . toString ( 'utf8' ) , { noent : false } )
You can’t perform that action at this time.
0 commit comments