Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wip hot fix #401

Merged
merged 1 commit into from
Jan 22, 2024
Merged

wip hot fix #401

merged 1 commit into from
Jan 22, 2024

Conversation

hichri-louay
Copy link
Contributor

No description provided.

@hichri-louay hichri-louay merged commit 2f1b52d into develop Jan 22, 2024
3 checks passed
@hichri-louay hichri-louay deleted the errors-hot branch January 22, 2024 08:11
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 22, 2024
View reviewed changes
routes/profile.routes.js
Comment on lines +1181 to +1187
(req, res, next) => {
passport.authenticate('link_facebook_account', {
failureRedirect:
(process.env.NODE_ENV === "mainnet" ? (req.origins.header.includes('https://app.satt.com') ? process.env.METAMASK_BASED_URL : process.env.BASED_URL) : process.env.BASED_URL ) +
'/home/settings/social-networks?message=access-denied',
})(req, res, next)
},

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
routes/profile.routes.js
Comment on lines +1236 to +1242
(req, res, next) => {
passport.authenticate('link_google_account', {
failureRedirect:
(process.env.NODE_ENV === "mainnet" ? (req.origins.header.includes('https://app.satt.com') ? process.env.METAMASK_BASED_URL : process.env.BASED_URL) : process.env.BASED_URL ) +
'/home/settings/social-networks?message=access-denied',
})(req,res,next)
},

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
routes/profile.routes.js
(req, res, next) => {
passport.authenticate('link_facebook_account', {
failureRedirect:
(process.env.NODE_ENV === "mainnet" ? (req.origins.header.includes('https://app.satt.com') ? process.env.METAMASK_BASED_URL : process.env.BASED_URL) : process.env.BASED_URL ) +

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization High

'
https://app.satt.com
Loading
' can be anywhere in the URL, and arbitrary hosts may come before or after it.
routes/profile.routes.js
(req, res, next) => {
passport.authenticate('link_google_account', {
failureRedirect:
(process.env.NODE_ENV === "mainnet" ? (req.origins.header.includes('https://app.satt.com') ? process.env.METAMASK_BASED_URL : process.env.BASED_URL) : process.env.BASED_URL ) +

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization High

'
https://app.satt.com
Loading
' can be anywhere in the URL, and arbitrary hosts may come before or after it.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@hichri-louay