Skip to content

WM5 | KARAM ALI | MODULE SERVERS | MAILING LIST API | WEEK 4#186

Open
kayali436 wants to merge 1 commit intoCodeYourFuture:mainfrom
kayali436:feature/mailing-list-api
Open

WM5 | KARAM ALI | MODULE SERVERS | MAILING LIST API | WEEK 4#186
kayali436 wants to merge 1 commit intoCodeYourFuture:mainfrom
kayali436:feature/mailing-list-api

Conversation

@kayali436
Copy link

@kayali436 kayali436 commented May 14, 2024
edited
Loading

Learners, PR Template

Self checklist

  • I have committed my files one by one, on purpose, and for a reason
  • I have titled my PR with COHORT_NAME | FIRST_NAME LAST_NAME | REPO_NAME | WEEK
  • I have tested my changes
  • My changes follow the style guide
  • My changes meet the requirements of this task

Changelist

Briefly explain your PR.

I have completed task

Questions

Ask any questions you have for your reviewer.

@sonarqubecloud
Copy link

sonarqubecloud bot commented May 14, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
1 Security Hotspot
E Security Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

github-advanced-security[bot]
github-advanced-security bot found potential problems May 14, 2024
View reviewed changes
mailing-list-api/server.js
app.delete("/lists/:name", (req, res) => {
const params = req.params.name;
lists.delete(params)
? res.status(200).send(`Deleted ${params} successfully!`)

Check failure

Code scanning / SonarCloud

Endpoints should not be vulnerable to reflected cross-site scripting (XSS) attacks

<!--SONAR_ISSUE_KEY:AY93W648zMRAKKOjksrr-->Change this code to not reflect user-controlled data. <p>See more on <a href="https://sonarcloud.io/project/issues?id=CodeYourFuture_Module-Node&issues=AY93W648zMRAKKOjksrr&open=AY93W648zMRAKKOjksrr&pullRequest=186">SonarCloud</a></p>
mailing-list-api/server.js

if (lists.has(params)) {
lists.set(params, body.members);
res.send(`List ${params} has been updated`);

Check failure

Code scanning / SonarCloud

Endpoints should not be vulnerable to reflected cross-site scripting (XSS) attacks

<!--SONAR_ISSUE_KEY:AY93W648zMRAKKOjksrs-->Change this code to not reflect user-controlled data. <p>See more on <a href="https://sonarcloud.io/project/issues?id=CodeYourFuture_Module-Node&issues=AY93W648zMRAKKOjksrs&open=AY93W648zMRAKKOjksrs&pullRequest=186">SonarCloud</a></p>
mailing-list-api/server.js
if (params.toLowerCase() !== body.name.toLowerCase()) {
res
.status(400)
.send(

Check failure

Code scanning / SonarCloud

Endpoints should not be vulnerable to reflected cross-site scripting (XSS) attacks

<!--SONAR_ISSUE_KEY:AY93W648zMRAKKOjksrt-->Change this code to not reflect user-controlled data. <p>See more on <a href="https://sonarcloud.io/project/issues?id=CodeYourFuture_Module-Node&issues=AY93W648zMRAKKOjksrt&open=AY93W648zMRAKKOjksrt&pullRequest=186">SonarCloud</a></p>
mailing-list-api/server.js
res.send(`List ${params} has been updated`);
} else {
lists.set(params, body.members);
res.send(`New list ${params} has been created`);

Check failure

Code scanning / SonarCloud

Endpoints should not be vulnerable to reflected cross-site scripting (XSS) attacks

<!--SONAR_ISSUE_KEY:AY93W648zMRAKKOjksru-->Change this code to not reflect user-controlled data. <p>See more on <a href="https://sonarcloud.io/project/issues?id=CodeYourFuture_Module-Node&issues=AY93W648zMRAKKOjksru&open=AY93W648zMRAKKOjksru&pullRequest=186">SonarCloud</a></p>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kayali436