bkimminich/juice-shop

Showing 87 of 87 total issues

Function servePublicFiles has 33 lines of code (exceeds 30 allowed). Consider refactoring.
Open

module.exports = function servePublicFiles () {
  return ({ params, query }, res, next) => {
    const file = params.file

    if (!file.includes('/')) {
Severity: Minor
Found in routes/fileServer.js - About 1 hr to fix

    Function ngOnInit has 32 lines of code (exceeds 30 allowed). Consider refactoring.
    Open

      ngOnInit () {
        this.ngZone.runOutsideAngular(() => {
          this.io.socket().on('challenge solved', (data: ChallengeSolvedMessage) => {
            if (data && data.challenge) {
              if (!data.hidden) {

      Function login has 32 lines of code (exceeds 30 allowed). Consider refactoring.
      Open

        login () {
          this.user = {}
          this.user.email = this.emailControl.value
          this.user.password = this.passwordControl.value
          this.userService.login(this.user).subscribe((authentication: any) => {
      Severity: Minor
      Found in frontend/src/app/login/login.component.ts - About 1 hr to fix

        Function ngOnInit has 32 lines of code (exceeds 30 allowed). Consider refactoring.
        Open

          ngOnInit () {
            this.activatedRoute.paramMap.subscribe((paramMap: ParamMap) => {
              this.orderId = paramMap.get('id')
              this.trackOrderService.save(this.orderId).subscribe((results) => {
                this.promotionalDiscount = results.data[0].promotionalAmount ? parseFloat(results.data[0].promotionalAmount) : 0
        Severity: Minor
        Found in frontend/src/app/order-completion/order-completion.component.ts - About 1 hr to fix

          Function changePassword has 31 lines of code (exceeds 30 allowed). Consider refactoring.
          Open

          module.exports = function changePassword () {
            return ({ query, headers, connection }, res, next) => {
              const currentPassword = query.current
              const newPassword = query.new
              const repeatPassword = query.repeat
          Severity: Minor
          Found in routes/changePassword.js - About 1 hr to fix

            Function upgradeToDeluxe has 31 lines of code (exceeds 30 allowed). Consider refactoring.
            Open

            module.exports.upgradeToDeluxe = function upgradeToDeluxe () {
              return async (req, res, next) => {
                const user = await models.User.findOne({ where: { id: req.body.UserId, role: insecurity.roles.customer } })
                if (!user) {
                  res.status(400).json({ status: 'error', error: 'Something went wrong. Please try again!' })
            Severity: Minor
            Found in routes/deluxe.js - About 1 hr to fix

              Consider simplifying this complex logical expression.
              Open

                  if (user && basketIds[0] && basketIds[0] !== 'undefined' && user.bid != basketIds[0]) { // eslint-disable-line eqeqeq
                    res.status(401).send('{\'error\' : \'Invalid BasketId\'}')
                  } else {
                    const basketItem = {
                      ProductId: productIds[productIds.length - 1],
              Severity: Major
              Found in routes/basketItems.js - About 1 hr to fix

                Function retrieveCurrentContinueCode has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                Open

                module.exports = function retrieveCurrentContinueCode () {
                  return (req, res) => {
                    const ids = []
                    for (const name in challenges) {
                      if (Object.prototype.hasOwnProperty.call(challenges, name)) {
                Severity: Minor
                Found in routes/continueCode.js - About 55 mins to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Function calculateTutorialTier has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                Open

                  calculateTutorialTier (challenges: Challenge[]) {
                    this.allTutorialsCompleted = true
                    this.isLastTutorialsTier = true
                    this.tutorialsTier = 1
                
                
                Severity: Minor
                Found in frontend/src/app/score-board/score-board.component.ts - About 55 mins to fix

                Function fileUpload has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                Open

                module.exports = function fileUpload () {
                  return (req, res, next) => {
                    const file = req.file
                    const buffer = file.buffer
                    const uploadedFileType = fileType(buffer)
                Severity: Minor
                Found in routes/profileImageFileUpload.js - About 55 mins to fix

                Function addBasketItem has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                Open

                module.exports.addBasketItem = function addBasketItem () {
                  return (req, res, next) => {
                    var result = utils.parseJsonCustom(req.rawBody)
                    var productIds = []
                    var basketIds = []
                Severity: Minor
                Found in routes/basketItems.js - About 55 mins to fix

                Function onResize has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                Open

                  onResize (event: any) {
                    if (event.target.innerWidth < 2600) {
                      this.breakpoint = 4
                      if (event.target.innerWidth < 1740) {
                        this.breakpoint = 3
                Severity: Minor
                Found in frontend/src/app/search-result/search-result.component.ts - About 55 mins to fix

                Function mimeType has a Cognitive Complexity of 11 (exceeds 7 allowed). Consider refactoring.
                Open

                export const mimeType = (
                  control: AbstractControl
                ): Promise<{ [key: string]: any }> | Observable<{ [key: string]: any }> => {
                  if (typeof(control.value) === 'string') {
                    return of(null)
                Severity: Minor
                Found in frontend/src/app/photo-wall/mime-type.validator.ts - About 55 mins to fix

                Function saveLoginIp has a Cognitive Complexity of 10 (exceeds 7 allowed). Consider refactoring.
                Open

                module.exports = function saveLoginIp () {
                  return (req, res, next) => {
                    var loggedInUser = insecurity.authenticatedUsers.from(req)
                    if (loggedInUser !== undefined) {
                      var lastLoginIp = req.headers['true-client-ip']
                Severity: Minor
                Found in routes/saveLoginIp.js - About 45 mins to fix

                Function getDeliveryMethods has a Cognitive Complexity of 10 (exceeds 7 allowed). Consider refactoring.
                Open

                module.exports.getDeliveryMethods = function getDeliveryMethods () {
                  return async (req, res, next) => {
                    const methods = await models.Delivery.findAll()
                    if (methods) {
                      const sendMethods = []
                Severity: Minor
                Found in routes/delivery.js - About 45 mins to fix

                Function quantityCheck has 5 arguments (exceeds 4 allowed). Consider refactoring.
                Open

                async function quantityCheck (req, res, next, id, quantity) {
                Severity: Minor
                Found in routes/basketItems.js - About 35 mins to fix

                  Function profileImageUrlUpload has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
                  Open

                  module.exports = function profileImageUrlUpload () {
                    return (req, res, next) => {
                      if (req.body.imageUrl !== undefined) {
                        const url = req.body.imageUrl
                        if (url.match(/(.)*solve\/challenges\/server-side(.)*/) !== null) req.app.locals.abused_ssrf_bug = true
                  Severity: Minor
                  Found in routes/profileImageUrlUpload.js - About 35 mins to fix

                  Function quantityCheck has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
                  Open

                  async function quantityCheck (req, res, next, id, quantity) {
                    const record = await models.PurchaseQuantity.findOne({ where: { ProductId: id, UserId: req.body.UserId } })
                  
                    const previousPurchase = record ? record.quantity : 0
                  
                  
                  Severity: Minor
                  Found in routes/basketItems.js - About 35 mins to fix

                  Function servePublicFiles has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
                  Open

                  module.exports = function servePublicFiles () {
                    return ({ params, query }, res, next) => {
                      const file = params.file
                  
                      if (!file.includes('/')) {
                  Severity: Minor
                  Found in routes/fileServer.js - About 35 mins to fix

                  Function save has a Cognitive Complexity of 9 (exceeds 7 allowed). Consider refactoring.
                  Open

                    save (fileName: string = 'owasp_juice_shop') {
                      const backup: Backup = { version: this.VERSION }
                  
                      backup.scoreBoard = {
                        displayedDifficulties: localStorage.getItem('displayedDifficulties') ? JSON.parse(String(localStorage.getItem('displayedDifficulties'))) : undefined,
                  Severity: Minor
                  Found in frontend/src/app/Services/local-backup.service.ts - About 35 mins to fix
