Javascript Sensitive Information Get Request

Description

This vulnerability detector identifies JavaScript code that sends sensitive information through HTTP GET requests. GET requests expose data in URLs, which can be logged in server logs, browser history, and referrer headers, making sensitive information vulnerable to disclosure.

Weakness:

030 - Sensitive information sent via URL parameters

Category: Information Collection

Detection Strategy

    Scans JavaScript source code for HTTP GET request patterns that may transmit sensitive data

    Identifies method calls, function invocations, or API calls that perform GET operations

    Analyzes the data being sent with GET requests to determine if it contains potentially sensitive information

    Reports vulnerabilities when sensitive data (credentials, tokens, personal information) is detected in GET request parameters or URLs

    Triggers on common HTTP client methods like fetch(), XMLHttpRequest, axios.get(), jQuery.get(), and similar GET request implementations
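To make the strategy above concrete, here is a small line-based scanner written for this page as an added example; it is not the detector's own implementation. It flags a source line when the line performs or handles a GET (`fetch()`, `axios.get()`, `$.get()`/`jQuery.get()`, `XMLHttpRequest.open('GET', ...)`, or an Express `req.query` read) and also mentions a sensitive parameter name. A `fetch()` call with an explicit non-GET `method` option is skipped because the data then travels in the body. The list of sensitive names, the pattern names, and the `SAMPLE_SOURCE` lines are all constructed for the example.

```javascript
'use strict';

// Parameter names that usually carry sensitive data (constructed list; extend as needed).
const SENSITIVE_NAMES = [
  'password', 'passwd', 'pwd', 'secret', 'token', 'api_key', 'apikey',
  'ssn', 'credit_card', 'card_number', 'session',
];

// Call shapes that perform, or handle, an HTTP GET (names are our own labels).
const GET_PATTERNS = [
  { name: 'fetch()',        re: /\bfetch\s*\(/ },
  { name: 'axios.get()',    re: /\baxios\.get\s*\(/ },
  { name: 'jQuery.get()',   re: /(?:\$|\bjQuery)\.get\s*\(/ },
  { name: 'XMLHttpRequest', re: /\.open\s*\(\s*['"]GET['"]/i },
  { name: 'req.query',      re: /\breq\.query\b/ },
];

// fetch() defaults to GET; an explicit non-GET method means the body, not the URL, carries the data.
const NON_GET_METHOD = /method\s*:\s*['"`](?:post|put|patch|delete)['"`]/i;

// Return the sensitive names mentioned anywhere on the line (case-insensitive substring match).
function sensitiveNamesIn(line) {
  const lower = line.toLowerCase();
  return SENSITIVE_NAMES.filter((n) => lower.includes(n));
}

// Scan a whole source text; each finding records the 1-based line, the GET shape, and the names seen.
function scanSource(source) {
  const findings = [];
  source.split('\n').forEach((line, idx) => {
    if (NON_GET_METHOD.test(line)) return;           // body-carrying request, out of scope
    const pattern = GET_PATTERNS.find((p) => p.re.test(line));
    if (!pattern) return;                            // not a GET request or query read
    const names = sensitiveNamesIn(line);
    if (names.length === 0) return;                  // GET, but nothing sensitive on the line
    findings.push({ line: idx + 1, via: pattern.name, names, text: line.trim() });
  });
  return findings;
}

// Constructed sample input: three lines should be flagged (1, 2 and 4), three should not.
const SAMPLE_SOURCE = [
  'fetch(`/api/login?user=${user}&password=${password}`);',
  "axios.get('/account', { params: { token: authToken } });",
  "fetch('/api/login', { method: 'POST', body: JSON.stringify({ password }) });",
  'const password = req.query.password;',
  "axios.get('/public/news');",
  'const email = req.body.email;',
].join('\n');

for (const f of scanSource(SAMPLE_SOURCE)) {
  console.log(`line ${f.line}: ${f.via} sends ${f.names.join(', ')} -> ${f.text}`);
}
```

A lexical scanner like this is deliberately noisy: it cannot follow a value from a variable into a URL built elsewhere, and a sensitive name inside a string literal or comment still trips it. It does show the two signals the real detector combines, a GET-shaped call and a sensitive identifier on the same statement, and why the `method` option matters for `fetch()`.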

Vulnerable code example

```javascript
const express = require('express');
const app = express();

// Placeholder credential check so the snippet runs; stands in for the application's real logic
function authenticate(password) { return typeof password === 'string' && password.length > 0; }

app.get('/login', (req, res) => {
    const password = req.query.password; // Credentials exposed in URL (server logs, browser history, Referer)
    authenticate(password);
    res.send('Login processed');
});
// ...
app.listen(3000);
```

✅ Secure code example

```javascript
const express = require('express');
const bodyParser = require('body-parser');
const app = express();

app.use(bodyParser.urlencoded({ extended: false }));
app.use(express.json());

// Placeholder credential check so the snippet runs; stands in for the application's real logic
function authenticate(password) { return typeof password === 'string' && password.length > 0; }

// Credentials sent via POST body - not exposed in URL/logs
app.post('/login', (req, res) => {
    const password = req.body.password; // read from the parsed body, never from req.query
    authenticate(password);
    res.send('Login processed');
});
app.listen(3000);
```