rspec/rules/S5876/javascript/rule.adoc

== Why is this an issue?

include::../description.adoc[]

=== Noncompliant code example

For http://www.passportjs.org/[Passport.js]:

[source,javascript]
----
app.post('/login', 
  passport.authenticate('local', { failureRedirect: '/login' }),
  function(req, res) {
    // Sensitive - no session.regenerate after login
    res.redirect('/');
  });
----

=== Compliant solution

For http://www.passportjs.org/[Passport.js]:

[source,javascript]
----
app.post('/login', 
  passport.authenticate('local', { failureRedirect: '/login' }),
  function(req, res) {
    let prevSession = req.session;
    req.session.regenerate((err) => {  // Compliant
      Object.assign(req.session, prevSession);
      res.redirect('/');
    });
  });
----

include::../see.adoc[]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::../message.adoc[]

'''
== Comments And Links
(visible only on this page)

include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
migrate rule descriptions to new education format 2023-05-03 11:06:20 +02:00			`== Why is this an issue?`

Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`include::../description.adoc[]`

migrate rule descriptions to new education format 2023-05-03 11:06:20 +02:00			`=== Noncompliant code example`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
			`For http://www.passportjs.org/[Passport.js]:`

RULEAPI-661: Add syntax coloring 2022-02-04 17:28:24 +01:00			`[source,javascript]`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`----`
			`app.post('/login',`
			`passport.authenticate('local', { failureRedirect: '/login' }),`
			`function(req, res) {`
			`// Sensitive - no session.regenerate after login`
			`res.redirect('/');`
			`});`
			`----`

migrate rule descriptions to new education format 2023-05-03 11:06:20 +02:00			`=== Compliant solution`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
			`For http://www.passportjs.org/[Passport.js]:`

RULEAPI-661: Add syntax coloring 2022-02-04 17:28:24 +01:00			`[source,javascript]`
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`----`
			`app.post('/login',`
			`passport.authenticate('local', { failureRedirect: '/login' }),`
			`function(req, res) {`
			`let prevSession = req.session;`
			`req.session.regenerate((err) => { // Compliant`
			`Object.assign(req.session, prevSession);`
			`res.redirect('/');`
			`});`
			`});`
			`----`

			`include::../see.adoc[]`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00
Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`ifdef::env-github,rspecator-view[]`
RULEAPI-666: Migrate the "List of parameters", "Highlighting" and "Message" fields from jira RSPEC (#346) 2021-09-20 15:38:42 +02:00
			`'''`
			`== Implementation Specification`
			`(visible only on this page)`

			`include::../message.adoc[]`

RULEAPI-576: add a horizontal rule between rule description and comments 2021-06-08 15:52:13 +02:00			`'''`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`== Comments And Links`
			`(visible only on this page)`

			`include::../comments-and-links.adoc[]`
Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`endif::env-github,rspecator-view[]`