Prevention of sensitive information leakage through print functions
```typescript
import express from 'express';

const app = express();

app.get('/users/:id', (req, res) => {
  const userId = req.params.id;
  const user = getUserById(userId);
  console.log(`User details: ${JSON.stringify(user)}`); // Vulnerable print function: the full record, password included, goes to stdout
  res.json(user); // The full record, password included, is also returned to the client
});

function getUserById(id: string) {
  // Database query to fetch user details (hard-coded here for illustration)
  return {
    id,
    name: 'John Doe',
    email: 'johndoe@example.com',
    password: 'password123' // Sensitive information
  };
}

app.listen(3000, () => {
  console.log('Server started on port 3000');
});
```
The vulnerability in this code lies in the use of the console.log function to print sensitive information.

In the app.get('/users/:id') route handler, the code retrieves a user's details based on the provided id parameter. After fetching the user details, it passes the whole user object to console.log, so the output includes sensitive fields such as the password.

The problem with this approach is that console.log writes to standard output (stdout). In a deployed service stdout is rarely private: it is typically captured in log files, container logs or a central log aggregator, all of which can be read by people and systems that are not entitled to see user credentials. Sensitive information, like the password in this case, can therefore be exposed to potential attackers.

By printing sensitive information to the console, the code also exposes technical details of the application to unauthorized users. This increases the attack surface and provides potential attackers with valuable information that can be used to exploit the system.

To mitigate this vulnerability, it is recommended to remove or comment out the console.log statement that prints sensitive information. In a production environment, it is crucial to avoid printing any sensitive data to the console or to any other output that can be accessed by unauthorized users.
```typescript
import express from 'express';

const app = express();

app.get('/users/:id', (req, res) => {
  const userId = req.params.id;
  const user = getUserById(userId);
  // Build the response from an explicit allow-list of fields; nothing is logged
  const sanitizedUser = {
    id: user.id,
    name: user.name
  };
  res.json(sanitizedUser);
});

function getUserById(id: string) {
  // Database query to fetch user details (hard-coded here for illustration)
  return {
    id,
    name: 'John Doe'
  };
}

app.listen(3000, () => {
  console.log('Server started on port 3000'); // Startup message only; carries no user data
});
```
The fixed code addresses the vulnerability by ensuring that no sensitive or technical information is leaked through print functions.

In the code, an Express server is created using the express package. It defines a route for retrieving user information based on the provided user ID.

When a GET request is made to the /users/:id endpoint, the code retrieves the user ID from the request parameters and calls the getUserById function to fetch the user details from the database.

To prevent leaking sensitive information, the code creates a sanitizedUser object that includes only the necessary fields, the user's ID and name. This ensures that no sensitive or technical details are exposed in the response, and nothing about the user is written to the console for this request.

Finally, the sanitized user object is sent as a JSON response using the res.json method.

The getUserById function is responsible for fetching the user details from the database. In this example, it simply returns a hardcoded user object with an ID and name.

The server is then started on port 3000, and a message is logged to the console indicating that the server has started successfully; this startup message carries no user data, so it is safe to log.

Overall, the fixed code ensures that only necessary and safe information is exposed in the response, preventing any potential leakage of sensitive or technical details.
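Removing the console.log entirely is the page's fix; when a request log is still needed operationally, the safer pattern is to redact before logging and to build the response from an allow-list. The following TypeScript is an added example and not code from the original page: redactForLog walks any object or array and masks values under credential-like keys, and toPublicUser is the allow-list projection. The UserRecord shape, the SENSITIVE_KEYS list and the sampleUser record are assumptions constructed for the example.

```typescript
// Added example, not part of the original page. The user shape, key denylist
// and sample record below are assumptions constructed for illustration.

// Key names whose values must never reach stdout, log files or aggregators.
const SENSITIVE_KEYS = new Set(['password', 'passwordhash', 'token', 'secret', 'apikey']);

function isPlainObject(v: unknown): v is Record<string, unknown> {
  return typeof v === 'object' && v !== null && !Array.isArray(v);
}

// Recursively replace values of sensitive keys with a fixed marker.
// Arrays and nested objects are walked; primitives are returned unchanged.
function redactForLog(value: unknown): unknown {
  if (Array.isArray(value)) {
    return value.map(redactForLog);
  }
  if (!isPlainObject(value)) {
    return value;
  }
  const out: Record<string, unknown> = {};
  for (const [key, val] of Object.entries(value)) {
    out[key] = SENSITIVE_KEYS.has(key.toLowerCase()) ? '[REDACTED]' : redactForLog(val);
  }
  return out;
}

interface UserRecord {
  id: string;
  name: string;
  email: string;
  password: string;
}

// Allow-list projection: only explicitly chosen fields are sent to the client.
function toPublicUser(user: UserRecord): { id: string; name: string } {
  return { id: user.id, name: user.name };
}

// Constructed sample mirroring the page's hard-coded user.
const sampleUser: UserRecord = {
  id: '42',
  name: 'John Doe',
  email: 'johndoe@example.com',
  password: 'password123',
};

// Logging the redacted view keeps the operational detail without the credential.
console.log(`User details: ${JSON.stringify(redactForLog(sampleUser))}`);
```

The redaction is keyed on field names, so any new credential field must be added to SENSITIVE_KEYS; the allow-list projection for the response needs no such maintenance because unknown fields are dropped by default.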