Skip to content

Commit 09aa04b

Browse files
author
Max Schaefer
authored
Merge pull request #268 from sjvs/fix-javascript-example
JavaScript: fix two examples based on LGTM.com alerts
2 parents d44761e + c4eb6f0 commit 09aa04b

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

javascript/ql/src/Security/CWE-079/examples/StoredXss.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ express().get('/list-directory', function(req, res) {
66
var list = '<ul>';
77
fileNames.forEach(fileName => {
88
// BAD: `fileName` can contain HTML elements
9-
list += '<li>' + fileName '</li>';
9+
list += '<li>' + fileName + '</li>';
1010
});
1111
list += '</ul>'
1212
res.send(list);

javascript/ql/src/Security/CWE-079/examples/StoredXssGood.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ express().get('/list-directory', function(req, res) {
77
var list = '<ul>';
88
fileNames.forEach(fileName => {
99
// GOOD: escaped `fileName` can not contain HTML elements
10-
list += '<li>' + escape(fileName) '</li>';
10+
list += '<li>' + escape(fileName) + '</li>';
1111
});
1212
list += '</ul>'
1313
res.send(list);

0 commit comments

Comments
 (0)