id: symfony-fosjrouting-bundle

info:
  name: Symfony FOSJsRoutingBundle
  author: DhiyaneshDk
  severity: info
  reference:
    - https://packagist.org/packages/friendsofsymfony/jsrouting-bundle
    - https://github.com/FriendsOfSymfony/FOSJsRoutingBundle
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.html:"symfony Profiler"
  tags: misconfig,symfony

http:
  - method: GET
    path:
      - '{{BaseURL}}/js/routing?callback=fos.Router.setDatafoobarfoo'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '/**/fos.Router.setDatafoobarfoo({'
          - 'routes'
        condition: and

      - type: word
        part: header
        words:
          - "application/javascript"

      - type: status
        status:
          - 200

# digest: 4a0a004730450220488233dec162f4ad0f7d32477f6546bf32e7e7119d1e9cd5a2cd1fd5fc7cd496022100f546e35110a54e4d9ac976a2e977a04e320b0d789cc52435c102802aa123e3ed:922c64590222798bb761d5b6d8e72950