Closed
17 changes: 15 additions & 2 deletions examples/auth/index.js
@@ -20,10 +20,23 @@ app.set('views', path.join(__dirname, 'views'));

app.use(express.urlencoded())
app.use(session({
name: 'sessionId', // Custom session cookie name
resave: false, // don't save session if unmodified
app.use(session({
resave: false, // don't save session if unmodified
saveUninitialized: false, // don't create session until something stored
secret: 'shhhh, very secret'
}));
cookie: {
maxAge: 24 * 60 * 60 * 1000, // 24 hours in milliseconds
httpOnly: true, // prevent XSS attacks
secure: process.env.NODE_ENV === 'production', // HTTPS only in production
sameSite: 'strict' // CSRF protection
}
cookie: {
domain: 'yourdomain.com', // Set specific domain
secure: true, // Use HTTPS only
httpOnly: true, // Prevent XSS
maxAge: 24 * 60 * 60 * 1000 // 24 hours
}

// Session-persisted message middleware

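Review bot: The session options end up with two `cookie` objects (the one with `sameSite: 'strict'` and the one with `domain: 'yourdomain.com'`), and as rendered both sit after the closing `}));`, which would not parse; even inside the options object the later key would win, dropping `sameSite` and the environment-dependent `secure`. The second block also hard-codes a placeholder domain and `secure: true`, so on a plain-HTTP localhost run the session cookie would not be set or sent and the login example stops working. Keep one block inside the `session({ ... })` call: `cookie: { httpOnly: true, sameSite: 'strict', secure: process.env.NODE_ENV === 'production', maxAge: 24 * 60 * 60 * 1000 }`. The comment on `httpOnly` should read `// not readable from client-side script`, since the flag limits cookie theft after XSS rather than preventing XSS. Which of the duplicated `app.use(session({` and `resave` lines are on the new side is not recoverable from this rendering.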
2 changes: 1 addition & 1 deletion examples/auth/views/login.ejs
@@ -2,7 +2,7 @@
<%- include('head', { title: 'Authentication Example' }) -%>

<h1>Login</h1>
<%- message %>
<%= message %>
Try accessing <a href="/restricted">/restricted</a>, then authenticate with "tj" and "foobar".
<form method="post" action="/login">
<p>
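Review bot: Switching `message` to escaped output is only correct if the value is plain text; if the session-message middleware in examples/auth/index.js (not shown in this diff beyond its heading comment) wraps the text in markup, the login page will now display literal tags. Have the middleware pass the bare string and keep the markup in the template, for example `<p class="msg"><%= message %></p>`, so no caller has to build HTML from user-influenced strings. The template continues past the end of the hunk.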
10 changes: 7 additions & 3 deletions examples/params/index.js
@@ -63,9 +63,13 @@ app.get('/user/:user', function (req, res) {
app.get('/users/:from-:to', function (req, res) {
var from = req.params.from;
var to = req.params.to;
var names = users.map(function(user){ return user.name; });
res.send('users ' + names.slice(from, to + 1).join(', '));
});
var to = parseInt(req.params.to, 10);
var from = parseInt(req.params.from, 10);
var names = users.map(function(user){ return escapeHtml(user.name); });
res.json({ message: 'users', users: names.slice(from, to + 1) });

// Or using template rendering:
// res.render('users', { users: names.slice(from, to + 1) });

/* istanbul ignore next */
if (!module.parent) {
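Review bot: `escapeHtml` is called in the `users.map` callback, but none of the lines shown for this file brings it into scope, so unless the file already requires it the route throws a ReferenceError on the first request. HTML-escaping is also the wrong encoding for this sink: `res.json` serialises the strings safely for a JSON body, and pre-escaping would hand clients `&amp;`-style entities; `var names = users.map(function(user){ return user.name; });` is enough, with escaping left to whatever later renders the names as HTML. As rendered, the handler shows both the old and new `var from`/`var to` lines and a single `});` whose side is unclear, so check that the route callback is still closed before `/* istanbul ignore next */`.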
2 changes: 1 addition & 1 deletion examples/search/index.js
@@ -54,7 +54,7 @@ app.get('/search/{:query}', function (req, res, next) {
db.sMembers(query)
.then((vals) => res.send(vals))
.catch((err) => {
console.error(`Redis error for query "${query}":`, err);
console.error('Redis error for query:', JSON.stringify(query), err);
next(err);
});
});
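Review bot: The reason for `JSON.stringify(query)` in the `.catch` handler is not recorded, and a later cleanup could easily fold it back into a template literal. Add a comment above the call such as `// JSON.stringify escapes CR/LF and quotes, so a crafted query cannot forge extra log lines`. The route handler begins above the hunk.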