contrib.nodejsscan.header_cors_star.express_cors


The Access-Control-Allow-Origin response header is set to "*". This disables the CORS Same-Origin Policy restrictions for that response.



Definition

# Semgrep rule: reports Express/Node response handlers that set the
# Access-Control-Allow-Origin header to the wildcard '*'. Only the literal
# wildcard is matched; a header set to a specific origin or to null is
# not reported (see the negative cases in the example file).
#
# NOTE(review): Node's http.ServerResponse setHeader(...) is not among the
# sinks listed under the second pattern-either; confirm whether
# res.setHeader('Access-Control-Allow-Origin', '*') should also be flagged.
# NOTE(review): the higher-impact variant, echoing the request's Origin
# header back as Access-Control-Allow-Origin, is outside this rule's
# patterns; confirm that is intentionally out of scope.
rules:
  - id: express_cors
    message: Access-Control-Allow-Origin response header is set to "*". This will
      disable CORS Same Origin Policy restrictions.
    severity: WARNING
    metadata:
      likelihood: LOW
      impact: LOW
      confidence: LOW
      category: security
      cwe:
        - "CWE-346: Origin Validation Error"
      owasp:
        - A07:2021 - Identification and Authentication Failures
      references:
        - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
      technology:
        - web
      subcategory:
        - audit
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
    languages:
      - javascript
    patterns:
      # Scope: the sink must sit inside a function taking ($REQ, $RES, ...),
      # written as an anonymous function, a named function, an assigned
      # function expression, or a callback passed to $APP.$METHOD(...).
      # A call outside any such function is not reported.
      - pattern-either:
          - pattern-inside: function ($REQ, $RES, ...) {...}
          - pattern-inside: function $FUNC($REQ, $RES, ...) {...}
          - pattern-inside: $X = function $FUNC($REQ, $RES, ...) {...}
          - pattern-inside: var $X = function $FUNC($REQ, $RES, ...) {...};
          - pattern-inside: $APP.$METHOD(..., function $FUNC($REQ, $RES, ...) {...})
      # Sinks: header writes whose value is the literal '*'. The
      # "=~/access-control-allow-origin/i" form matches the header name
      # case-insensitively, covering res.set(name, value), res.set({...}),
      # res.header(name, value) and res.writeHead(status, {...}).
      - pattern-either:
          # NOTE(review): this first sink does not reference $RES and is not
          # a header write; it matches enabling the cors middleware for all
          # preflight (OPTIONS) routes. It is still subject to the
          # pattern-inside scope above.
          - pattern: |
              $APP.options('*', cors(...))
          - pattern: |
              $RES.set("=~/access-control-allow-origin/i", '*', ...)
          - pattern: |
              $RES.set(..., { "=~/access-control-allow-origin/i" : '*' }, ...)
          - pattern: |
              $RES.header("=~/access-control-allow-origin/i", '*', ...)
          - pattern: >
              $RES.writeHead(..., {"=~/access-control-allow-origin/i": '*' },
              ...)

Examples

header_cors_star.js

// Semgrep test fixture for the express_cors rule. Each line tagged
// `// ruleid:express_cors` is expected to be reported by the rule; the
// lines marked "do not match" / "do not detect" are expected to be left
// alone. Keep the `ruleid:` comment directly above the line it annotates.
// Note that `cors` is never required in this file and `ffff` is never
// declared; the file is a pattern-matching fixture, not runnable code.
const express = require('express');

const app = express();

// NOTE(review): this annotation names `generic_cors`, not `express_cors`,
// so it is presumably not checked against this rule. The rule's
// pattern-inside clauses also require a (req, res) function scope, which
// this top-level call does not have.
// ruleid:generic_cors
app.options('*', cors())
app.get('/', function (req, res) {

    // A res.set(...) call with no header literal; none of the rule's
    // sink patterns apply to it.
    res.set(ffff)
});

// Handler holding the positive and negative cases for the rule.
app.get('/', function (req, res) {
    // y is unused; x carries the wildcard into the res.set(..., x) case below.
    var y = 1;
    var x = '*';
    //sgrep bug - https://github.com/returntocorp/sgrep/issues/512
    // ruleid:express_cors
    res.writeHead(200, { 'Access-Control-Allow-Origin': '*' });
    // ruleid:express_cors
    res.set('access-control-allow-origin', '*');
    //do not match - sgrep bug -rewrite-rule
    res.set('Access-Control-Allow-Origin', 'google.com');
    // ruleid:express_cors
    res.set('Access-Control-Allow-Origin', '*');
    // Object form: the wildcard header is one key among unrelated headers.
    // ruleid:express_cors
    res.set({
        'Content-Length': 123,
        'access-control-allow-origin': '*',
        'ETag': '12345'
    })
    // ruleid:express_cors
    res.writeHead(200, { 'Access-Control-Allow-Origin': '*' })

    // The value is the variable x (assigned '*' above), not a literal;
    // presumably this relies on constant propagation to match — verify
    // against the rule's patterns, which spell the literal '*'.
    // ruleid:express_cors
    res.set('access-control-allow-origin', x);

    // Negative cases: a specific origin and null are not the wildcard, so
    // the rule's '*' patterns should not report them.
    // do not detect - sgrep bug
    res.set('access-control-allow-origin', 'xyz.com');
    //do not detect - sgrep bug
    res.set('access-control-allow-origin', null);

});