55 lines
1.3 KiB
Plaintext
55 lines
1.3 KiB
Plaintext
include::../description.adoc[]
|
|
|
|
include::../ask-yourself.adoc[]
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
== Sensitive Code Example
|
|
|
|
----
|
|
// === NodeJS built-in modules ===
|
|
const http = require('http');
|
|
const https = require('https');
|
|
|
|
// Endpoints exposed by http.Server and https.Server objects are security-sensitive and should be reviewed.
|
|
// Examples:
|
|
|
|
const srv = new http.Server((req, res) => {});
|
|
srv.listen(3000); // Sensitive
|
|
|
|
// http.createServer creates a new http.Server object.
|
|
const srv = http.createServer((req, res) => {});
|
|
srv.listen(3000); // Sensitive
|
|
|
|
const srv = new https.Server((req, res) => {});
|
|
srv.listen(3000); // Sensitive
|
|
|
|
// https.createServer creates a new https.Server object.
|
|
const srv = https.createServer((req, res) => {});
|
|
srv.listen(3000); // Sensitive
|
|
----
|
|
|
|
----
|
|
// === ExpressJS ===
|
|
const express = require('express');
|
|
const app = express();
|
|
|
|
// Endpoints exposed by ExpressJS are security-sensitive and should be reviewed.
|
|
// Example:
|
|
|
|
app.get('/', function (req, res) {});
|
|
app.post('/', function (req, res) {});
|
|
app.all('/', function (req, res) {});
|
|
app.listen(3000); // Sensitive
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|