mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
15 lines
558 B
JavaScript
15 lines
558 B
JavaScript
// SQL injection — unsupported fixture.
|
|
// The entry point accepts an HTTP request object, not a plain string.
|
|
// HarnessSpec derivation will map this to HttpBody slot (unsupported by JS emitter).
|
|
// Entry: handleRequest(req) Cap: SQL_QUERY
|
|
// Expected verdict: Unsupported (EntryKindUnsupported or ConfidenceTooLow)
|
|
|
|
class UserRepository {
|
|
findUser(req) {
|
|
const name = req && req.body && req.body.name;
|
|
const query = "SELECT * FROM users WHERE name='" + name + "'";
|
|
return query;
|
|
}
|
|
}
|
|
|
|
module.exports = { UserRepository };
|