Typescript Sensitive Information Get Request

Description

This detector identifies TypeScript code that exposes sensitive information through GET requests. GET requests can leak sensitive data through URL parameters, query strings, or request logs, as URLs are often logged by web servers, proxies, and browser history.

Weakness: 030 - Sensitive information sent via URL parameters

Category: Information Collection

Detection Strategy

    Scans TypeScript source code for HTTP GET request patterns that may contain sensitive data

    Identifies when GET requests are used to transmit potentially sensitive information that should use POST requests instead

    Triggers when sensitive data (like passwords, tokens, or personal information) is included in GET request URLs or query parameters

    Reports vulnerabilities where confidential data could be exposed through server logs, browser history, or referrer headers

Vulnerable code example

import express, { Request, Response } from 'express';

const app = express();

// VULNERABLE: Password in URL query parameters can leak through logs
app.get('/login', (req: Request, res: Response) => {
    const password = req.query.password as string; // Credentials exposed in URL
    ...

✅ Secure code example

import express, { Request, Response } from 'express';

const app = express();

app.use(express.json());
app.use(express.urlencoded({ extended: false }));

// SECURE: Password in POST body instead of URL query parameters...
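The following is an added example, not part of this detector documentation or the detector's own code. It makes the leak concrete without a web framework: a request is modelled by a small `HttpRequest` type (an assumption of this example), `accessLogLine` reproduces what a typical access log records (method and URL, never the body), and `sensitiveParamsInUrl` / `isSensitiveGet` implement a minimal check in the spirit of the detection strategy above. The list of sensitive parameter names and the two sample requests are constructed for illustration.

```typescript
// Added example (not from the original page): why credentials in a GET query
// string end up in access logs while the same credentials in a POST body do
// not, plus a minimal detector-style check for sensitive query parameters.
// Assumption: requests are modelled by this small type instead of a framework.
interface HttpRequest {
  method: 'GET' | 'POST';
  url: string;                    // path plus query string, as the server sees it
  body?: Record<string, string>;  // only present for POST in this example
}

// Parameter names the check treats as sensitive (constructed list).
const SENSITIVE_PARAMS: string[] = [
  'password', 'passwd', 'pwd', 'token', 'api_key', 'apikey', 'secret', 'ssn',
];

// What a typical access log line records: method and full URL. The request
// body is not part of the line, so a POST body stays out of the log.
function accessLogLine(req: HttpRequest): string {
  return `${req.method} ${req.url}`;
}

// Returns the names of sensitive parameters found in a URL's query string.
function sensitiveParamsInUrl(url: string): string[] {
  const qIndex = url.indexOf('?');
  if (qIndex < 0) return [];
  const params = new URLSearchParams(url.slice(qIndex + 1));
  const found: string[] = [];
  params.forEach((_value, name) => {
    if (SENSITIVE_PARAMS.includes(name.toLowerCase())) found.push(name);
  });
  return found;
}

// Detector-style check: a GET request whose query string carries a sensitive
// parameter. This is what the "password in URL" pattern above looks like at
// runtime: the value travels in the URL and therefore into logs and history.
function isSensitiveGet(req: HttpRequest): boolean {
  return req.method === 'GET' && sensitiveParamsInUrl(req.url).length > 0;
}

// Constructed sample requests mirroring the vulnerable and secure handlers.
const vulnerableLogin: HttpRequest = {
  method: 'GET',
  url: '/login?username=alice&password=hunter2',
};

const secureLogin: HttpRequest = {
  method: 'POST',
  url: '/login',
  body: { username: 'alice', password: 'hunter2' },
};

// Demonstration: the GET variant writes the password into the log line.
console.log(accessLogLine(vulnerableLogin)); // GET /login?username=alice&password=hunter2
console.log(accessLogLine(secureLogin));     // POST /login
console.log(isSensitiveGet(vulnerableLogin)); // true
console.log(isSensitiveGet(secureLogin));     // false
```

The check keys on parameter names rather than values because a detector sees source code and request shapes, not live credentials; a real detector would also follow the `req.query` access into the handler body, as the vulnerable example above shows.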