apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-09 19:45:13 +02:00
Code Issues Projects Releases Packages Wiki Activity
nyx/tests/dynamic_fixtures/graphql_resolver/relay/vuln.js
Eli Peter 991c84a1eb
Dynamic (#77)
2026-06-05 10:16:30 -05:00

10 lines
358 B
JavaScript
Raw Permalink Blame History

// Phase 21 (Track M.3) — graphql-relay vuln fixture.
const _NYX_ADAPTER_MARKER = "require('graphql-relay')";
function resolveNode(parent, args, ctx, info) {
// SINK: tainted globalId interpolated into SQL.
const sql = "SELECT * FROM nodes WHERE id = '" + args.id + "'";
return { id: args.id, _sql: sql };
}
module.exports = { resolveNode };
Reference in a new issue View git blame Copy permalink