doc: warn about unvalidated input in child_process - android-node-v8.git - Fork of Node.JS that build on Android

about summary refs log tree commit diff

path: root/test/parallel/test-http-allow-req-after-204-res.js

diff options

author	Matthew Garrett <mjg59@coreos.com>	2016-12-26 22:45:16 +0000
committer	Sam Roberts <vieuxtech@gmail.com>	2016-12-30 09:26:30 -0800
commit	f60aba2fd475de34eb9e730d9eae6c71381e0e43 (patch)
tree	c17ff568c8e93cb69d4ea93283c27a43c1376794 /test/parallel/test-http-allow-req-after-204-res.js
parent	6463ef6affa73794a5ad33108997c430d02acf2c (diff)
download	android-node-v8-f60aba2fd475de34eb9e730d9eae6c71381e0e43.tar.gz android-node-v8-f60aba2fd475de34eb9e730d9eae6c71381e0e43.tar.bz2 android-node-v8-f60aba2fd475de34eb9e730d9eae6c71381e0e43.zip

doc: warn about unvalidated input in child_process

child_process.exec*() and child_process.spawn*() (if options.shell is true) allow trivial arbitrary command execution if code passes unsanitised user input to it. Add warnings in the docs to make that clear. PR-URL: https://github.com/nodejs/node/pull/10466 Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

Diffstat (limited to 'test/parallel/test-http-allow-req-after-204-res.js')

0 files changed, 0 insertions, 0 deletions