fix(JS tests): fix outdated testdata (#722)
fix: fix outdated testdata
elsapet authored Mar 3, 2023
1 parent d48862a commit 3b65905
Showing 27 changed files with 117 additions and 48 deletions.
Expand Up @@ -5,9 +5,9 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 6
line_number: 11
filename: insecure_dot_template.js
parent_line_number: 6
parent_line_number: 11
parent_content: doT.template(req.params.template)


Expand Up @@ -5,19 +5,19 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 6
line_number: 11
filename: insecure_ejs_template.js
parent_line_number: 6
parent_line_number: 11
parent_content: ejs.compile(req.body.user, options)
- rule:
cwe_ids:
- "1336"
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 11
line_number: 16
filename: insecure_ejs_template.js
parent_line_number: 11
parent_line_number: 16
parent_content: ejs.render(req.params.name, data, options)


Expand Up @@ -5,9 +5,9 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 7
line_number: 12
filename: insecure_eta_template.js
parent_line_number: 7
parent_line_number: 12
parent_content: 'Eta.render(req.params, { name: "insecure" })'


Expand Up @@ -5,9 +5,9 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 8
line_number: 13
filename: insecure_express_hbs_template.js
parent_line_number: 8
parent_line_number: 13
parent_content: hbs.renderView(req.params.viewPath, options, (err) => {})


Expand Up @@ -5,19 +5,19 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 7
line_number: 12
filename: insecure_handlebars_template.js
parent_line_number: 7
parent_line_number: 12
parent_content: Handlebars.precompile(req.body.user, options)
- rule:
cwe_ids:
- "1336"
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 8
line_number: 13
filename: insecure_handlebars_template.js
parent_line_number: 8
parent_line_number: 13
parent_content: Handlebars.compile(req.body.user, options)


Expand Up @@ -5,9 +5,9 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 8
line_number: 13
filename: insecure_hoganjs_template.js
parent_line_number: 8
parent_line_number: 13
parent_content: 'Hogan.compile(template, { name: "insecure" })'


Expand Up @@ -5,9 +5,9 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 8
line_number: 13
filename: insecure_liquid_template.js
parent_line_number: 8
parent_line_number: 13
parent_content: 'engine.render(req.params.text, { hello: "world" })'


Expand Up @@ -5,9 +5,9 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 6
line_number: 11
filename: insecure_lodash_template.js
parent_line_number: 6
parent_line_number: 11
parent_content: _.template(req.params.body)


Expand Up @@ -5,9 +5,9 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 7
line_number: 12
filename: insecure_mustache_template.js
parent_line_number: 7
parent_line_number: 12
parent_content: 'Mustache.render(req.params, { name: "insecure" })'


Expand Up @@ -5,19 +5,19 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 6
line_number: 11
filename: insecure_nunjucks_template.js
parent_line_number: 6
parent_line_number: 11
parent_content: nunjucks.render(req.params.body)
- rule:
cwe_ids:
- "1336"
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 7
line_number: 12
filename: insecure_nunjucks_template.js
parent_line_number: 7
parent_line_number: 12
parent_content: nunjucks.renderString(req.params.body)


Expand Up @@ -5,19 +5,19 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 7
line_number: 12
filename: insecure_pug_template.js
parent_line_number: 7
parent_line_number: 12
parent_content: pug.render(req.params.name, merge(options, locals))
- rule:
cwe_ids:
- "1336"
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 11
line_number: 16
filename: insecure_pug_template.js
parent_line_number: 11
parent_line_number: 16
parent_content: pug.compile(req.params.name)


Expand Up @@ -5,9 +5,9 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 7
line_number: 12
filename: insecure_squirrelly_template.js
parent_line_number: 7
parent_line_number: 12
parent_content: 'Sqrl.render(req.params.text, { name: "alvin" })'


Expand Up @@ -5,9 +5,9 @@ low:
id: javascript_express_insecure_template_rendering
description: Insecure template rendering detected.
documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_template_rendering
line_number: 8
line_number: 13
filename: insecure_whiskers_template.js
parent_line_number: 8
parent_line_number: 13
parent_content: whiskers.render(req.params.text, context)


@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())

const doT = require('dot');

app.get("/bad", (req, _res) => {
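Review bot: The added `var helmet = require("helmet")` and `var app = express()` lines use `var` and no semicolons in a fixture that otherwise uses `const` and semicolons; `const helmet = require("helmet");` and `const app = express();` would match the surrounding style. This rendered page has lost its +/- markers and still shows the original `const app = express();` next to the new `var app = express()`, so confirm the old line is on the removed side, because keeping both is a redeclaration and the fixture would no longer be valid JavaScript. `app.use(helmet.hidePoweredBy())` repeats what `helmet()` already enables by default; if the explicit call is there only to keep unrelated Express hardening findings out of the expected output, record that with a comment such as `// helmet preamble keeps unrelated hardening rules out of this fixture's snapshot`. The same added preamble recurs in every other fixture section that follows (ejs through the final pug file), so the point applies to each of them; the hunk ends inside the `/bad` handler.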
@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())

const ejs = require('ejs');

app.get("/bad", (req, _res) => {
@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())


import * as Eta from "eta";

@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())


import { create } from 'express-handlebars';

@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())


import * as Handlebars from "handlebars";

@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())


const Hogan = require("hogan.js");

@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())


import { Liquid } from 'liquidjs'
const engine = new Liquid()
@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())

const _ = require('lodash');

app.get("/bad", (req, _res) => {
@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())


const Mustache = require('mustache');

@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())

const nunjucks = require('nunjucks');

app.get("/bad", (req, _res) => {
@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())


var pug = require('pug');

@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())


var Sqrl = require("squirrelly");

@@ -1,5 +1,10 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())


var whiskers = require("whiskers");

@@ -1,5 +1,9 @@
const express = require("express");
const app = express();
var helmet = require("helmet")

var app = express()
app.use(helmet())
app.use(helmet.hidePoweredBy())

// pug
var pug = require('pug');