forked from github/codeql
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapollo.serverSide.ts
More file actions
27 lines (23 loc) · 929 Bytes
/
apollo.serverSide.ts
File metadata and controls
27 lines (23 loc) · 929 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
import { ApolloServer } from '@apollo/server';
import { get } from 'https';
function createApolloServer(typeDefs) {
const resolvers = {
Mutation: {
downloadFiles: async (_, { files }) => { // $ Source[js/request-forgery]
files.forEach((file) => { get(file.url, (res) => {}); }); // $ Alert[js/request-forgery] Sink[js/request-forgery]
return true;
},
},
};
const server = new ApolloServer({typeDefs, resolvers});
const resolvers2 = {
Mutation: {
downloadFiles: async (_, { files }) => { // $ MISSING: Source[js/request-forgery]
files.forEach((file) => { get(file.url, (res) => {}); }); // $ MISSING: Alert[js/request-forgery] Sink[js/request-forgery]
return true;
},
},
};
class CustomApollo extends ApolloServer {}
const srv = new CustomApollo({typeDefs, resolvers: resolvers2});
}