mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
12 lines
447 B
JavaScript
12 lines
447 B
JavaScript
|
// Unsafe: tainted req.query value flows into the bare-subscript header set
|
||
|
|
// `res.headers["X-Forwarded-By"] = lang`. The LHS-subscript classification
|
||
|
|
// path matches `res.headers` as a HEADER_INJECTION sink so this form fires
|
||
|
|
// alongside the explicit `setHeader` / `res.set` method-call shapes.
|
||
|
|
function handler(req, res) {
|
||
|
|
const lang = req.query.lang;
|
||
|
|
res.headers["X-Forwarded-By"] = lang;
|
||
|
|
res.end();
|
||
|
|
}
|
||
|
|
|
||
|
|
module.exports = handler;
|