From 3d1beb701a43d24c0e7d2c5b46462cf0665db5fa Mon Sep 17 00:00:00 2001 From: Benjamin Altpeter Date: Mon, 29 Jun 2020 14:23:36 +0200 Subject: [PATCH] Update NodeIntegrationJSCheck to respect the default changes --- src/finder/checks/AtomicChecks/NodeIntegrationJSCheck.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/finder/checks/AtomicChecks/NodeIntegrationJSCheck.js b/src/finder/checks/AtomicChecks/NodeIntegrationJSCheck.js index 4578bb5..d8b3d8a 100644 --- a/src/finder/checks/AtomicChecks/NodeIntegrationJSCheck.js +++ b/src/finder/checks/AtomicChecks/NodeIntegrationJSCheck.js @@ -13,7 +13,7 @@ export default class NodeIntegrationJSCheck { //nodeIntegrationInWorker Boolean (optional) - Whether node integration is enabled in web workers. Default is false //nodeIntegrationInSubFrames Boolean (optional) - Whether node integration is enabled in in sub-frames such as iframes. Default is false - match(astNode, astHelper, scope){ + match(astNode, astHelper, scope, defaults){ if (astNode.type !== 'NewExpression') return null; if (astNode.callee.name !== 'BrowserWindow' && astNode.callee.name !== 'BrowserView') return null; @@ -37,7 +37,7 @@ export default class NodeIntegrationJSCheck { locations = locations.concat(loc); } - if (!nodeIntegrationFound) { + if (!nodeIntegrationFound && defaults.nodeIntegration) { locations.push({ line: astNode.loc.start.line, column: astNode.loc.start.column, id: this.id, description: this.description, shortenedURL: this.shortenedURL, severity: severity.HIGH, confidence: confidence.FIRM, manualReview: false }); } @@ -61,7 +61,7 @@ export default class NodeIntegrationJSCheck { if ((node.key.value === "sandbox" || node.key.name === "sandbox") && isIdentifier) continue; if ((nodeIntegrationStrings.includes(node.key.value) || nodeIntegrationStrings.includes(node.key.name)) && !isIdentifier) continue; } - + locations.push({ line: node.key.loc.start.line, column: node.key.loc.start.column,