ocelot-Social-Community/Ocelot-Social
1
0
Fork 0
mirror of https://github.com/Ocelot-Social-Community/Ocelot-Social.git synced 2025-12-13 07:46:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Protect against cypher injection vulnerability

Browse Source 
- following @roschaefer PR review suggestion
This commit is contained in:
mattwr18 2019-10-30 15:37:50 +01:00
parent 7564908456
commit 715261238a
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
backend/src/schema/resolvers/notifications.js
View File

@ -40,8 +40,8 @@ export default {
default:
orderByClause = ''
}
const offset = args.offset ? `SKIP ${args.offset}` : ''
const limit = args.first ? `LIMIT ${args.first}` : ''
const offset = args.offset && typeof args.offset === 'number' ? `SKIP ${args.offset}` : ''
const limit = args.first && typeof args.first === 'number' ? `LIMIT ${args.first}` : ''
try {
const cypher = `
MATCH (resource {deleted: false, disabled: false})-[notification:NOTIFIED]->(user:User {id:$id})