node icon indicating copy to clipboard operation
node copied to clipboard

Published 20 hours ago verified publisher icon nodejs

doc: add alert on REPL from TCP socket

Open RafaelGSS opened this issue 6 months ago • 1 comments

Initially, I was considering removing this example:

net.createServer((socket) => {
  connections += 1;
  repl.start({
    prompt: 'Node.js via TCP socket> ',
    input: socket,
    output: socket,
  }).on('exit', () => {
    socket.end();
  });
}).listen(5001);

But it does expose some of the possibilities of Node.js REPL. So, instead of removing it from our examples, I've included an alert for its usage in production.

cc: @mcollina

Refs: https://hackerone.com/reports/2684357

RafaelGSS avatar Aug 27 '24 18:08 RafaelGSS