search

RenwaX23 / XSSTRON

Electron JS Browser To Find XSS Vulnerabilities Automatically
GNU General Public License v3.0
675 stars 119 forks source link

Suspicious dependency in package.json #9

Closed phra closed 3 years ago

phra commented 3 years ago

what's the purpose of the following dependency listed in your package.json ? this library isn't being used by your project and it doesn't have a reference to any GitHub repository.

https://github.com/RenwaX23/XSSTRON/blob/02ab3e741f3ddbca32b0abb8ed07a95736cbe1b9/package.json#L22

the current source code of the dependency is the following:

var http = require('http');

http.createServer(function (request, response) {

    // 发送 HTTP 头部 
    // HTTP 状态值: 200 : OK
    // 内容类型: text/plain
    response.writeHead(200, {'Content-Type': 'text/plain'});

    // 发送响应数据 "Hello World"
    response.end('Hello World\n');
}).listen(8888);

// 终端打印如下信息
console.log('Server running at http://127.0.0.1:8888/');

and its package.json

{
  "name": "module_name",
  "version": "1.0.0",
  "description": "dis中文",
  "main": "index.js",
  "dependencies": {
    "express": "^4.13.4"
  },
  "devDependencies": {},
  "scripts": {
    "test": "make test",
    "start": "node server.js"
  },
  "author": "stay",
  "license": "ISC"
}
RenwaX23 commented 3 years ago

Thanks for letting me, it looks like it was copy-paste issue i forgot about it, now it's removed