-
Notifications
You must be signed in to change notification settings - Fork 0
/
63.json
25 lines (25 loc) · 3.49 KB
/
63.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
{
"file_path": "security_data/gpt3_security_vulnerability_scanner-main/PostMessage Security/challenge1.js",
"vulnerability": "Vulnerabilities Detected:\n1. Insufficient verification of data authenticity due to lack of target origin check: The line window_ref.postMessage(message, '*'); sends a message with no origin restriction, as indicated by the '*' argument. This means the message can be received by any window, regardless of its origin, which opens up the potential for malicious sites to receive data they should not have access to.\n",
"source code": "if (typeof (SERVER_DOMAIN) === 'undefined') {\n\twindow.location.replace(\"/unconfigured.html\");\n}\n\nconst RECEIVE_URL = SERVER_DOMAIN + \"/challenge_scoreboard.html\" + \"?origin=\" + get_domain();\n\nvar window_ref = null;\n\ndocument.getElementById(\"username\").focus();\n\nfunction store_username() {\n\tvar username;\n\tvar username_obj;\n\n\tusername_obj = document.getElementById(\"username\");\n\tusername = username_obj.value\n\n\tvar welcome;\n\twelcome = document.getElementById(\"welcome\");\n\twelcome.innerHTML = \"Welcome \" + html_encode(username);\n\n\tvar set_username;\n\tset_username = document.getElementById(\"set_username\");\n\tset_username.style.display = \"none\";\n\n\tvar game;\n\tgame = document.getElementById(\"game\");\n\tgame.style.display = \"inline\";\n\n\tstart_game();\n\t// have to do time out so the window can open\n\tsetTimeout(function () { send_username(username); }, 1000);\n\n\treturn false;\n}\n\nfunction check_guess() {\n\tvar guess_obj = document.getElementById(\"guess\");\n\tvar guess = guess_obj.value;\n\tvar res = document.getElementById(\"result\");\n\n\tsend_message(\"guess:\" + guess);\n\n\tdocument.getElementById(\"guess\").focus();\n\tdocument.getElementById(\"guess\").value = \"\";\n}\n\nfunction html_encode(html) {\n\treturn document.createElement('a').appendChild(\n\t\tdocument.createTextNode(html)).parentNode.innerHTML;\n}\n\nfunction send_message(message) {\n\tif (window_ref == null) {\n\t\treturn;\n\t}\n\tif (window_ref.closed) {\n\t\treturn;\n\t}\n\n\twindow_ref.postMessage(message, \"*\");\n\t// window_ref.postMessage(message, RECEIVE_URL);\n}\n\nfunction start_game() {\n\topen_window();\n\tdocument.getElementById(\"guess\").focus();\n}\n\nfunction send_username(username) {\n\tmessage = \"user:\" + html_encode(username);\n\tsend_message(message);\n}\n\nfunction get_domain() {\n\tvar url = window.location.href\n\tvar arr = url.split(\"/\");\n\treturn arr[0] + \"//\" + arr[2]\n}\n\nfunction open_window() {\n\tif (window_ref == null || window_ref.closed) {\n\t\twindow_ref = window.open(RECEIVE_URL, \"score board\", \"height=260,width=550\");\n\n\t\tif (window_ref == null) {\n\t\t\talert(\"Failed to open window. You must allow pop-ups.\");\n\t\t}\n\t}\n}\n\nconst usernameButton = document.getElementById(\"setUsername\");\nusernameButton.addEventListener(\"click\", store_username, false);\n\nconst guessButton = document.getElementById(\"checkGuess\");\nguessButton.addEventListener(\"click\", check_guess, false);\n\nstart_game();\n",
"language": "javascript",
"cwe_identifier": [
"CWE-345"
],
"pattern_desc": [
"Insufficient verification of data authenticity due to lack of target origin check.\n"
],
"line_number": [
61
],
"line_text": [
"\twindow_ref.postMessage(message, \"*\");"
],
"pattern_id": [
"insecure_code_detector.rules.semgrep.javascript.post-message-origin"
],
"rule": [
null
],
"label": 0
}