📄
🔍
code
🐞
⚙️
EXPLORER
...
JS
server.js
JS
package.json
JS
tests/security.test.js
#
.env
JS
server.js
✕
1
const express = require('express'); const { exec } = require('child_process'); const app = express(); app.post('/api/theme', (req, res) => { const themeName = req.body.theme; // TODO: SECURITY ISSUE #402 // Patch: Implement whitelist validation below const cmd = "cp -r ./themes/" + themeName + " ./pub/"; exec(cmd, (err, stdout, stderr) => { if (err) return res.status(500).send("Err"); res.send("Done"); }); });
↺ REVERTIR CAMBIOS
▶ DEPLOY & TEST
PROBLEMS
OUTPUT
TERMINAL
user@dev-sec-box:~/project$
master*
UTF-8 JavaScript