
CWE-79 Code Vulnerabilities #12190


gtewksbury created

Hello!

Question for the support team regarding angular/src/shared/helpers/HtmlHelper.ts. This file is tripping https://cwe.mitre.org/data/definitions/79.html. When looking through the source code, I don't see any references to HtmlHelper.ts within the code base. Is there any reason we can't remove this file entirely?

angular/src/shared/helpers/DomHelper.ts is also tripping https://cwe.mitre.org/data/definitions/79.html. This feels like a legitimate risk, as depending on what's passed into it, it could run malicious JavaScript code. The recommendation is to sanitize any HTML that is set based on dynamic data. Below is the code that is getting flagged. Is this something the ASP.NET Zero team plans to do based on the CWE above?

```typescript
static createElement(tag: string, attributes: any[]): any {
    let el = document.createElement(tag); // tag needs to be sanitized
    for (let i = 0; i < attributes.length; i++) {
        let attribute = attributes[i];
        el.setAttribute(attribute.key, attribute.value); // attribute.value needs to be sanitized
    }

    return el;
}
```

Thanks!
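For comparison, here is a hardened counterpart to the flagged `createElement`, added as an example and not code from ASP.NET Zero or the poster: the tag name and every attribute are checked against allow-lists (assumed lists, `ALLOWED_TAGS`/`ALLOWED_ATTRS`) and URL-bearing attributes are restricted to safe schemes before anything touches the DOM. The `DocumentLike` stub lets the helper run outside a browser; the real `document` satisfies the same shape.

```typescript
// Added example (not ASP.NET Zero code): allow-list version of DomHelper.createElement.
// Tag and attributes are validated before the element is built, so caller-supplied data
// cannot introduce event-handler attributes or script-bearing URLs.
interface Attribute { key: string; value: string; }
// Minimal document/element shapes so the helper runs outside a browser.
interface ElementLike { setAttribute(name: string, value: string): void; }
interface DocumentLike { createElement(tag: string): ElementLike; }

// Assumed allow-lists for this example; trim or extend them to what callers actually need.
const ALLOWED_TAGS = ["div", "span", "p", "a", "ul", "li", "img"];
const ALLOWED_ATTRS = ["id", "class", "title", "alt", "href", "src", "data-id"];
const URL_ATTRS = ["href", "src"];
const SAFE_SCHEMES = ["http", "https", "mailto"];

// Accepts scheme-less (relative) URLs and http/https/mailto; any other scheme is rejected.
// Control characters and spaces are stripped first, since browsers ignore them in a scheme.
function isSafeUrl(value: string): boolean {
  const v = value.replace(/[\u0000-\u0020]/g, "").toLowerCase();
  const scheme = /^([a-z][a-z0-9+.-]*):/.exec(v);
  return scheme === null || SAFE_SCHEMES.indexOf(scheme[1]) !== -1;
}

// Returns null when the attribute may be set, otherwise the reason it was refused.
function rejectAttribute(attr: Attribute): string | null {
  const key = attr.key.toLowerCase();
  if (ALLOWED_ATTRS.indexOf(key) === -1) return `attribute not allowed: ${key}`;
  if (URL_ATTRS.indexOf(key) !== -1 && !isSafeUrl(attr.value)) return `unsafe URL in ${key}`;
  return null;
}

function createElementSafe(doc: DocumentLike, tag: string, attributes: Attribute[]): ElementLike {
  const t = tag.toLowerCase();
  if (ALLOWED_TAGS.indexOf(t) === -1) throw new Error(`tag not allowed: ${t}`);
  const el = doc.createElement(t);
  for (const attr of attributes) {
    const reason = rejectAttribute(attr);
    if (reason !== null) throw new Error(reason);
    el.setAttribute(attr.key.toLowerCase(), attr.value);
  }
  return el;
}

// Constructed stand-ins for document/element so the helper can be exercised in Node.
class StubElement implements ElementLike {
  tag: string;
  attrs: Record<string, string> = {};
  constructor(tag: string) { this.tag = tag; }
  setAttribute(name: string, value: string): void { this.attrs[name] = value; }
}
class StubDocument implements DocumentLike {
  createElement(tag: string): ElementLike { return new StubElement(tag); }
}
```

In the browser, call `createElementSafe(document, tag, attributes)`; a refused tag or attribute throws instead of silently producing an element that carries the unsafe value.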


1 Answer(s)

ismcagdas created
Support Team

Hi @gtewksbury

Sorry for the late reply. These classes are accessed by developers and not end users, so I think it doesn't cause any issues. But, we will remove HtmlHelper and try to replace DomHelper with an alternative if possible. You can follow https://github.com/aspnetzero/aspnet-zero-core/issues/5434