
Commit aebc5bc

author
Max Schaefer
committed
JavaScript: Update qhelp example for CleartextStorage.
1 parent 0be81da commit aebc5bc


7 files changed

+29
-30
lines changed


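--- a/javascript/ql/src/Security/CWE-312/CleartextStorage.qhelp
+++ b/javascript/ql/src/Security/CWE-312/CleartextStorage.qhelp
@@ -35,8 +35,7 @@ causing logged sensitive information to be stored as well.
 
 <example>
 <p>
-The following example code stores user credentials (in this case, their account
-name) in a cookie in plain text:
+The following example code stores user credentials (in this case, their password) in a cookie in plain text:
 </p>
 <sample src="examples/CleartextStorage.js"/>
 <p>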
Lines changed: 3 additions & 3 deletions
@@ -1,8 +1,8 @@
11
var express = require('express');
22

33
var app = express();
4-
app.get('/', function (req, res) {
5-
let accountName = req.param("AccountName");
4+
app.get('/remember-password', function (req, res) {
5+
let pw = req.param("current_password");
66
// BAD: Setting a cookie value with cleartext sensitive data.
7-
res.cookie("AccountName", accountName);
7+
res.cookie("password", pw);
88
});
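Review bot: The new route takes the password through `app.get('/remember-password', ...)` and `req.param("current_password")`, so in this example the credential arrives in the URL query string (or path) before it is ever stored — a leak into access logs, browser history and Referer headers that the qhelp text, which only discusses cleartext storage, never mentions. Since readers copy qhelp examples, consider `app.post('/remember-password', function (req, res) {` with `let pw = req.body.current_password;`, or a one-line comment stating that the transport is deliberately out of scope. The .expected file in this commit describes the source as "a call to param", so moving away from `req.param()` (deprecated since Express 4 in favour of `req.params`/`req.query`/`req.body`) would require updating the test file and expectations alongside, and I cannot confirm from here that the query models `req.body` as a source.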

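--- a/javascript/ql/src/Security/CWE-312/examples/CleartextStorageGood.js
+++ b/javascript/ql/src/Security/CWE-312/examples/CleartextStorageGood.js
@@ -8,8 +8,8 @@ function encrypt(text){
 }
 
 var app = express();
-app.get('/', function (req, res) {
-let accountName = req.param("AccountName");
+app.get('/remember-password', function (req, res) {
+let pw = req.param("current_password");
 // GOOD: Encoding the value before setting it.
-res.cookie("AccountName", encrypt(accountName));
+res.cookie("password", encrypt(pw));
 });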
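Review bot: The unchanged comment directly above the new `res.cookie("password", encrypt(pw));` line reads `// GOOD: Encoding the value before setting it.`, but encoding (base64 and the like) is reversible without a key and would leave the password effectively in cleartext; now that the example is explicitly about a password, it should say `// GOOD: Encrypting the value before setting it.` so the qhelp does not suggest encoding as the fix. The `encrypt` helper starts before this hunk, so its key handling cannot be assessed here. Even encrypted, a cookie that carries the user's password is a replayable credential to anyone who can read it, so the example would be stronger as `res.cookie("password", encrypt(pw), { httpOnly: true, secure: true });`, or with a sentence in the qhelp noting that a server-side session is the usual alternative to storing the password at all.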

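--- a/javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected
@@ -1,11 +1,11 @@
 nodes
-| CleartextStorage2.js:5:7:5:52 | a |
-| CleartextStorage2.js:5:11:5:52 | url.par ... untName |
-| CleartextStorage2.js:7:19:7:36 | 'AccountName=' + a |
-| CleartextStorage2.js:7:36:7:36 | a |
-| CleartextStorage.js:5:7:5:34 | a |
-| CleartextStorage.js:5:11:5:34 | req.par ... tName") |
-| CleartextStorage.js:7:29:7:29 | a |
+| CleartextStorage2.js:5:7:5:58 | pw |
+| CleartextStorage2.js:5:12:5:58 | url.par ... assword |
+| CleartextStorage2.js:7:19:7:34 | 'password=' + pw |
+| CleartextStorage2.js:7:33:7:34 | pw |
+| CleartextStorage.js:5:7:5:40 | pw |
+| CleartextStorage.js:5:12:5:40 | req.par ... sword") |
+| CleartextStorage.js:7:26:7:27 | pw |
 | tst-angularjs.js:3:32:3:45 | data1.password |
 | tst-angularjs.js:4:33:4:46 | data2.password |
 | tst-angularjs.js:5:27:5:40 | data3.password |
@@ -15,14 +15,14 @@ nodes
 | tst-webstorage.js:3:20:3:32 | data.password |
 | tst-webstorage.js:4:29:4:41 | data.password |
 edges
-| CleartextStorage2.js:5:7:5:52 | a | CleartextStorage2.js:7:36:7:36 | a |
-| CleartextStorage2.js:5:11:5:52 | url.par ... untName | CleartextStorage2.js:5:7:5:52 | a |
-| CleartextStorage2.js:7:36:7:36 | a | CleartextStorage2.js:7:19:7:36 | 'AccountName=' + a |
-| CleartextStorage.js:5:7:5:34 | a | CleartextStorage.js:7:29:7:29 | a |
-| CleartextStorage.js:5:11:5:34 | req.par ... tName") | CleartextStorage.js:5:7:5:34 | a |
+| CleartextStorage2.js:5:7:5:58 | pw | CleartextStorage2.js:7:33:7:34 | pw |
+| CleartextStorage2.js:5:12:5:58 | url.par ... assword | CleartextStorage2.js:5:7:5:58 | pw |
+| CleartextStorage2.js:7:33:7:34 | pw | CleartextStorage2.js:7:19:7:34 | 'password=' + pw |
+| CleartextStorage.js:5:7:5:40 | pw | CleartextStorage.js:7:26:7:27 | pw |
+| CleartextStorage.js:5:12:5:40 | req.par ... sword") | CleartextStorage.js:5:7:5:40 | pw |
 #select
-| CleartextStorage2.js:7:19:7:36 | 'AccountName=' + a | CleartextStorage2.js:5:11:5:52 | url.par ... untName | CleartextStorage2.js:7:19:7:36 | 'AccountName=' + a | Sensitive data returned by $@ is stored here. | CleartextStorage2.js:5:11:5:52 | url.par ... untName | an access to AccountName |
-| CleartextStorage.js:7:29:7:29 | a | CleartextStorage.js:5:11:5:34 | req.par ... tName") | CleartextStorage.js:7:29:7:29 | a | Sensitive data returned by $@ is stored here. | CleartextStorage.js:5:11:5:34 | req.par ... tName") | a call to param |
+| CleartextStorage2.js:7:19:7:34 | 'password=' + pw | CleartextStorage2.js:5:12:5:58 | url.par ... assword | CleartextStorage2.js:7:19:7:34 | 'password=' + pw | Sensitive data returned by $@ is stored here. | CleartextStorage2.js:5:12:5:58 | url.par ... assword | an access to current_password |
+| CleartextStorage.js:7:26:7:27 | pw | CleartextStorage.js:5:12:5:40 | req.par ... sword") | CleartextStorage.js:7:26:7:27 | pw | Sensitive data returned by $@ is stored here. | CleartextStorage.js:5:12:5:40 | req.par ... sword") | a call to param |
 | tst-angularjs.js:3:32:3:45 | data1.password | tst-angularjs.js:3:32:3:45 | data1.password | tst-angularjs.js:3:32:3:45 | data1.password | Sensitive data returned by $@ is stored here. | tst-angularjs.js:3:32:3:45 | data1.password | an access to password |
 | tst-angularjs.js:4:33:4:46 | data2.password | tst-angularjs.js:4:33:4:46 | data2.password | tst-angularjs.js:4:33:4:46 | data2.password | Sensitive data returned by $@ is stored here. | tst-angularjs.js:4:33:4:46 | data2.password | an access to password |
 | tst-angularjs.js:5:27:5:40 | data3.password | tst-angularjs.js:5:27:5:40 | data3.password | tst-angularjs.js:5:27:5:40 | data3.password | Sensitive data returned by $@ is stored here. | tst-angularjs.js:5:27:5:40 | data3.password | an access to password |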
Lines changed: 3 additions & 3 deletions
@@ -1,8 +1,8 @@
11
var express = require('express');
22

33
var app = express();
4-
app.get('/', function (req, res) {
5-
let a = req.param("AccountName");
4+
app.get('/remember-password', function (req, res) {
5+
let pw = req.param("current_password");
66
// BAD: Setting a cookie value with cleartext sensitive data.
7-
res.cookie("AccountName", a);
7+
res.cookie("password", pw);
88
});

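--- a/javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage2.js
+++ b/javascript/ql/test/query-tests/Security/CWE-312/CleartextStorage2.js
@@ -2,9 +2,9 @@ var https = require('https');
 var url = require('url');
 
 var server = https.createServer(function(req, res) {
-let a = url.parse(req.url, true).query.AccountName;
+let pw = url.parse(req.url, true).query.current_password;
 res.writeHead(200, {
-'Set-Cookie': 'AccountName=' + a,
+'Set-Cookie': 'password=' + pw,
 'Content-Type': 'text/plain'
 });
 });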

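--- a/javascript/ql/test/query-tests/Security/CWE-312/CleartextStorageGood.js
+++ b/javascript/ql/test/query-tests/Security/CWE-312/CleartextStorageGood.js
@@ -8,8 +8,8 @@ function encrypt(text){
 }
 
 var app = express();
-app.get('/', function (req, res) {
-let accountName = req.param("AccountName");
+app.get('/remember-password', function (req, res) {
+let pw = req.param("current_password");
 // GOOD: Encoding the value before setting it.
-res.cookie("AccountName", encrypt(accountName));
+res.cookie("password", encrypt(pw));
 });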
