2

I'm trying to do the Checkmarx scan for my code, but I'm facing this error: This element’s value then flows through the code without being properly sanitized or validated and is eventually displayed to the user in method .then at line 145 ........ This may enable a Cross-Site-Scripting attack.

I'm working with Express.js, in which there is a method that accepts a request and response from the server.

function method1(request, response) {
  const params = request.query; // <-- this line is flagged as the vulnerability
}

Please help me resolve this issue ASAP. I have searched for solutions, but there are only solutions related to Java or .NET. I need a solution for Node/Express.js.

Thanks in advance

3
  • 1
    How do you use params? Which query parameters does your code use? Commented Jun 5, 2018 at 7:47
  • It's a GET request to my API. The query params contain JSON of different fields:values like {customerId:'c111',contactNumber:'764217854154'}. We extract each value and use it, like params.customerId and params.contactNumber. Commented Jun 5, 2018 at 13:34
  • @theProblemMaker were you able to solve the issue, I am facing the same problem and am out of ideas. Commented Oct 24, 2020 at 13:57

2 Answers

1

You have to validate each param you use, without accessing request.query directly, by creating and handling each variable separately.

For instance, if you want to check that customerId begins with a c and contactNumber is a number:

// replyWrongParameters is the answer's own helper, assumed to send a 400 response.
const customerId = request.query.customerId;
if (!customerId || !/^c\d+/.test(customerId)) {   // reject when it does NOT match
  return replyWrongParameters(response);
}
const contactNumber = parseInt(request.query.contactNumber, 10);
if (isNaN(contactNumber)) {
  return replyWrongParameters(response);
}

If you want to use an external library, you may want to use https://www.npmjs.com/package/express-validation which takes care of the validation.
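As an added example that is not part of either answer, the same idea carried through for the two parameters the question names: each value is matched against an explicit whitelist pattern, anything else gets a 400 without being echoed, and whatever is reflected into the response is HTML-encoded. The names validateQuery, escapeHtml, customerHandler and fakeResponse are this example's own, and the handler only relies on the (req, res) shape so it runs without express installed.

```javascript
// Added example: whitelist validation of request.query plus output encoding.
// RULES is constructed for this example from the values in the question.
const RULES = {
  customerId:    /^c\d{1,10}$/,   // begins with 'c', then digits only
  contactNumber: /^\d{6,15}$/,    // digits only, bounded length
};

// Returns { ok: true, value } holding only the whitelisted keys, or
// { ok: false, error } when any parameter is missing or malformed.
function validateQuery(query) {
  const value = {};
  for (const [name, pattern] of Object.entries(RULES)) {
    const raw = query[name];
    if (typeof raw !== 'string' || !pattern.test(raw)) {
      return { ok: false, error: `invalid or missing parameter: ${name}` };
    }
    value[name] = raw;
  }
  return { ok: true, value };
}

// HTML-context output encoding (OWASP XSS prevention rule #1); used in
// addition to validation, never instead of it.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(s).replace(/[&<>"']/g, c => map[c]);
}

// Express-style handler: res is expected to provide status() and send().
function customerHandler(req, res) {
  const result = validateQuery(req.query || {});
  if (!result.ok) {
    return res.status(400).send('Bad request');  // never reflect the bad value
  }
  const { customerId, contactNumber } = result.value;
  return res.status(200).send(
    `<p>Customer ${escapeHtml(customerId)}: ${escapeHtml(contactNumber)}</p>`);
}

// Minimal stand-in for an Express response object so the file runs directly.
function fakeResponse() {
  const res = { statusCode: 0, body: '' };
  res.status = code => { res.statusCode = code; return res; };
  res.send = body => { res.body = body; return res; };
  return res;
}

const demo = customerHandler({ query: { customerId: 'c111', contactNumber: '764217854154' } }, fakeResponse());
console.log(demo.statusCode, demo.body);
```

Whether Checkmarx marks the flow as resolved depends on which validators and encoders its ruleset recognizes; the encoding step is what actually prevents script injection in the response.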


2 Comments

I have imported the request-sanitizer module and used it in this way:

var requestSanitizer = require('request-sanitizer')();
var validator = requestSanitizer.validator;
requestSanitizer.setOptions({ query: { customerId: [validator.ltrim], state: [validator.escape, validator.ltrim] } });
router.get('/', requestSanitizer.sanitize, function (req, response, next) {
  var request = { query: req.query, headers: req.headers };
  control.controller(request, response);
});

Now, after this, if I'm trying to run the scan, this doesn't work. The issue still remains.
No sanitizer module works, and the CheckMarx issue still remains. Is it an issue on the CheckMarx scanner side?
0

From OWASP's Cross-site Scripting (XSS) page:

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.

To learn in depth how to avoid Cross-site Scripting vulnerabilities, it is highly recommended to go over OWASP's XSS (Cross Site Scripting) Prevention Cheat Sheet page.

For your specific node.js issue, you can use a dedicated sanitizer like bleach.

Good luck.
