/**
* @name Broken XSJS authentication
* @description Disabling XSJS authentication makes the application vulnerable to unauthorized access.
* @kind problem
* @problem.severity warning
* @security-severity 7.5
* @precision medium
* @id js/xsjs-broken-authentication
* @tags security
* external/cwe/cwe-306
*/
import javascript
import advanced_security.javascript.frameworks.xsjs.Xsaccess
// Reports two weaknesses in an exposed XSJS access specification: authentication that is
// explicitly switched off, and an `.xsaccess` file that never declares authentication at all.
// The selected `value` is the offending JSON value (or the file's top-level value when the
// property is absent) and `msg` is the finding text.
from JsonValue value, string msg
where
  value.getJsonFile() instanceof ExposedServiceAccessSpec and
  (
    // Case 1: an authentication property is present but set to "none" or to JSON null.
    exists(JsonValue parent |
      value = parent.getPropValue(["authentication", "authenticationMethod", "authenticationType"])
    ) and
    (
      value.getStringValue() = "none"
      or
      value instanceof JsonNull
    ) and
    msg = "Authentication should not be disabled."
    or
    // Case 2: no value anywhere in the `.xsaccess` file carries an `authentication` property;
    // the file's top-level value is reported so the finding has a location.
    value.isTopLevel() and
    value.getJsonFile().getBaseName() = ".xsaccess" and
    not exists(JsonValue holder |
      holder.getJsonFile() = value.getJsonFile()
    |
      exists(holder.getPropValue("authentication"))
    ) and
    msg = "Authentication is missing from the configuration."
  )
select value, msg