Fix TypeError when server-side request fails
In addition to the intended SSRF vulnerability, it was possible to
crash the server with maliciously chosen query parameters.

Closes #225
rcowsill committed Jan 26, 2021
1 parent b9e2c49 commit 4a4d1db
Showing 1 changed file with 4 additions and 2 deletions.
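--- a/app/routes/research.js
+++ b/app/routes/research.js
@@ -13,15 +13,17 @@ function ResearchHandler(db) {
 
 if (req.query.symbol) {
 const url = req.query.url + req.query.symbol;
-return needle.get(url, (error, newResponse) => {
+return needle.get(url, (error, newResponse, body) => {
 if (!error && newResponse.statusCode === 200) {
 res.writeHead(200, {
 "Content-Type": "text/html"
 });
 }
 res.write("<h1>The following is the stock information you requested.</h1>\n\n");
 res.write("\n\n");
-res.write(newResponse.body);
+if (body) {
+res.write(body);
+}
 return res.end();
 });
 }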
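Review bot: The added `if (body)` guard checks only truthiness, while `res.write()` accepts just a string or Buffer, so a TypeError inside this callback still looks possible whenever needle passes something else (depending on its parse settings it can hand back a parsed object for JSON responses). Narrowing the guard to `if (typeof body === "string" || Buffer.isBuffer(body)) {` would close that remaining crash path. On the failure branch no status is set, so the "stock information" heading still goes out with an implicit 200; an early `if (error) { res.writeHead(502); return res.end(); }` at the top of the callback would make failures visible to clients and logs. Since the commit message calls the SSRF intentional, a short comment on the `const url = req.query.url + req.query.symbol;` line saying so would stop a later reader from mistaking it for an oversight. ResearchHandler starts and continues outside this hunk, so any handling further down is not visible here.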