var search_time = input_value;
return this.publishingTime == search_time ||
this.filmingTime == search_time ||
this.recordingTime == search_time;
If the application developer were building this application in PHP (for example), the source code might look like this:
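// The request value is concatenated directly into the JavaScript source.
$query = 'function() {' .
    'var search_time = \'' . $_GET['time'] . '\';' .
    'return this.publishingTime == search_time || ' .
    'this.filmingTime == search_time || ' .
    'this.recordingTime == search_time;}';
// The assembled string is evaluated by the database as a $where clause.
$cursor = $collection->find(array('$where' => $query));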
This code uses the value of the request parameter “time” as the search
injection attack. For example, this request would be an effective DoS attack against the system:
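For comparison with the vulnerable PHP above, the following is an added example, not code from the original page: it validates the "time" parameter and searches with plain query operators instead of building a $where function. The function name build_time_filter is hypothetical, and the example assumes the three time fields are stored as integers.

```php
<?php
// Added example, not the original application's code.
// Assumption: publishingTime, filmingTime and recordingTime hold integers.

/**
 * Turn the raw "time" request value into a data-only MongoDB filter.
 * No JavaScript source is built, so the value is never evaluated as code.
 */
function build_time_filter($raw): array
{
    // PHP parses ?time[k]=v into an array, so accept a plain string only,
    // and only one made of 1 to 10 decimal digits.
    if (!is_string($raw) || !preg_match('/\A[0-9]{1,10}\z/', $raw)) {
        throw new InvalidArgumentException('time must be 1-10 decimal digits');
    }
    $t = (int) $raw;

    // The three comparisons from the $where function, as query operators.
    return ['$or' => [
        ['publishingTime' => $t],
        ['filmingTime'    => $t],
        ['recordingTime'  => $t],
    ]];
}

// Constructed sample inputs standing in for $_GET['time'].
$samples = ['1325376000', "1325376000'; extra text", ['x' => '1'], ''];

foreach ($samples as $raw) {
    try {
        $filter = build_time_filter($raw);
        // With a live connection: $cursor = $collection->find($filter);
        echo 'accepted: ', json_encode($filter), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', json_encode($raw), PHP_EOL;
    }
}
```

Only the first sample is accepted; the other three are rejected before any query is built.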