Secure transmission of sensitive information
import express from 'express';

const app = express();

app.get('/login', (req, res) => {
  // Credentials arrive in the URL query string of a GET request
  const username = req.query.username;
  const password = req.query.password;
  // Sending sensitive information insecurely: the password is echoed back to the client
  res.send(`Welcome, ${username}! Your password is ${password}`);
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});
The vulnerability in this code is that it accepts the username and password as URL query parameters of an HTTP GET request (req.query.username and req.query.password, respectively) and then sends that sensitive information back in the response body.
Because the credentials travel in the URL and are then echoed in the response, anyone who can observe either can read them. This poses a significant risk: it can lead to unauthorized access to user accounts and compromise of sensitive data.
To fix this vulnerability, send sensitive information through a more secure channel: carry the credentials in the body of an HTTP POST request instead of in the GET query string, or refer to an already authenticated user through a server-side session rather than resending the secret, and never include the secret in the response. Additionally, the connection itself must be encrypted in transit (HTTPS) so the data is protected on the wire.
import express from 'express';

const app = express();

// Parse JSON request bodies so credentials can be read from the body, not the URL
app.use(express.json());

app.post('/login', (req, res) => {
  const username = req.body.username;
  const password = req.body.password;
  // Implement secure credential storage and validation logic here
  // Sending response securely: the password is never echoed back
  res.send(`Welcome, ${username}!`);
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});
The fixed code is written in TypeScript using the Express framework. It addresses the vulnerability by receiving the credentials in the body of a POST request and by never sending them back to the client.
First, the code imports the necessary dependencies, including the Express module. It then creates an instance of the Express application.
The app.use(express.json()) middleware parses incoming requests with JSON payloads, which allows the server to extract the credentials from the request body.
The code defines a route handler for the '/login' endpoint using the HTTP POST method. Inside the route handler, it retrieves the username and password from the request body using req.body.username and req.body.password, respectively.
To address the vulnerability, the code leaves a placeholder for secure credential storage and validation logic. In practice this means storing and comparing passwords as salted hashes produced by a password-hashing algorithm, never as plaintext (hashing, unlike encryption, is not reversible, which is the property wanted here).
Finally, the code sends the response using the res.send() method with a welcome message for the client. This response does not include the password or any other sensitive information.
The server is set to listen on port 3000 using the app.listen() method.
By implementing secure credential storage and validation logic, and sending responses securely, the code addresses the vulnerability of sending sensitive information insecurely.
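As an added worked example (not code from the original page), the following TypeScript fills in what the placeholder in the fixed handler would contain: credentials are accepted only from a POST body, verified against a salted scrypt hash with a constant-time comparison, and the response never echoes the secret. It is written as a plain function over minimal request/response shapes defined here, rather than as a running Express server, so it can be executed and unit-tested offline; the user store and its single entry are constructed for the example, and hashPassword, verifyPassword and handleLogin are names chosen for this example. It assumes only Node's built-in crypto module.

```typescript
import * as crypto from 'crypto';

// Minimal request/response shapes, constructed for this example so the handler
// can be exercised without starting an Express server.
interface LoginRequest {
  method: 'GET' | 'POST';
  query: Record<string, string | undefined>;
  body?: { username?: unknown; password?: unknown };
}
interface LoginResponse {
  status: number;
  body: Record<string, string>;
}

// What gets stored per user: a random salt and the scrypt hash, never the password.
interface StoredCredential {
  salt: string;
  hash: string;
}

const SCRYPT_KEYLEN = 32;

// Derive a salted hash for storage (fresh random salt per user).
function hashPassword(password: string, salt: Buffer = crypto.randomBytes(16)): StoredCredential {
  const hash = crypto.scryptSync(password, salt, SCRYPT_KEYLEN);
  return { salt: salt.toString('hex'), hash: hash.toString('hex') };
}

// Re-derive with the stored salt and compare in constant time.
function verifyPassword(password: string, stored: StoredCredential): boolean {
  const candidate = crypto.scryptSync(password, Buffer.from(stored.salt, 'hex'), SCRYPT_KEYLEN);
  const expected = Buffer.from(stored.hash, 'hex');
  // timingSafeEqual throws on length mismatch, so check lengths first.
  return candidate.length === expected.length && crypto.timingSafeEqual(candidate, expected);
}

// Constructed user store for the example: one account with a known password.
const users = new Map<string, StoredCredential>([
  ['alice', hashPassword('correct horse battery staple')],
]);

// Hashing a dummy credential for unknown usernames keeps the response time the
// same as for a wrong password, so the handler does not reveal which names exist.
const DUMMY: StoredCredential = hashPassword('dummy-password-for-unknown-users');

function handleLogin(req: LoginRequest): LoginResponse {
  // Credentials in a GET query string end up in access logs, browser history
  // and Referer headers, so the handler refuses anything but POST.
  if (req.method !== 'POST') {
    return { status: 405, body: { error: 'use POST with a JSON body' } };
  }
  const { username, password } = req.body ?? {};
  if (typeof username !== 'string' || typeof password !== 'string') {
    return { status: 400, body: { error: 'username and password required' } };
  }
  const stored = users.get(username);
  const passwordMatches = verifyPassword(password, stored ?? DUMMY);
  // One generic message whether the user is unknown or the password is wrong.
  if (stored === undefined || !passwordMatches) {
    return { status: 401, body: { error: 'invalid credentials' } };
  }
  // The response carries only the username, never the secret.
  return { status: 200, body: { message: `Welcome, ${username}!` } };
}
```

In an Express route the same function would be called as `handleLogin({ method: req.method, query: req.query, body: req.body })` and its `status` and `body` passed to `res.status(...).json(...)`; returning JSON rather than a template string also avoids reflecting the username into an HTML response.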