Server Side Request Forgery in /app/controllers/API/tricks.js

## Server Side Request Forgery in /app/controllers/API/tricks.js   [![critical severity](https://img.shields.io/badge/severity-critical-red.svg)](#) 
**Fixability:**   we don't have available fix now 
**Overview:**
Bad function found 'request' that calls bad var Url  
https://github.com/netcode/express4-bootstrap-starter/blob/1615805690352ba4ab5d3eee72ee600623ce5154/app/controllers/API/tricks.js#L135-L153 
 
<sub>refrence id: 899515800519217815</sub>
What do you want me to do next? 
details`@shieldfy details`  
ignore`@shieldfy ignore` ?
                

	request(Url, function (error, response, body) {
	if (!error && response.statusCode == 200) {

	screenshot(Url)
	.width(1280)
	.height(800)
	.capture(function(err, img) {

	if (err) {
	renderDefaultImage(res)
	// throw err;
	}
	res.set('Content-Type', 'image/png');
	res.send(new Buffer(img));
	});
	} else {
	renderDefaultImage(res);
	}
	})

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Server Side Request Forgery in /app/controllers/API/tricks.js #29