QP10 Excessive Duplication
What this means
SiteShadow flagged significant copy/paste duplication across files (repeated helpers, repeated security logic, repeated validation). Duplication becomes a security problem when fixes are applied in one place but missed elsewhere.
Why it matters
Duplicated logic increases the chance of inconsistent security fixes.
- Patch gaps: one copy gets fixed, another remains vulnerable.
- Drift: behavior diverges over time, producing bypasses and inconsistencies.
- Harder audits: reviewers must chase the same logic across many places.
Safer examples
1) Centralize security-critical logic
Put authentication, authorization checks, input validation, and output-encoding helpers in one shared module that every call site imports, so a fix lands in exactly one place.
2) Prefer shared middleware/policies
Avoid copy/pasting "check auth" blocks across endpoints; apply the check once as middleware or a policy decorator so every route gets the same behavior and the same patches.
3) Add tests for the shared helper
When security logic is centralized, tests protect all call sites at once.
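The patch gap described above, followed by the centralized fix from steps 1) to 3), as an added example that is not SiteShadow's own code. The handlers, the `require_admin` decorator and the user dicts are hypothetical and constructed for illustration.

```python
"""Added example (not SiteShadow's code): a drifted copy/paste check next to
its centralized replacement. Handler and field names are hypothetical."""
from functools import wraps


class Forbidden(Exception):
    pass


# --- Before: two copies of the same check that have drifted apart ----------
def delete_user_v1(user, target_id):
    # Original copy: only the role is checked.
    if user.get("role") != "admin":
        raise Forbidden("admin only")
    return f"deleted {target_id}"


def export_users_v1(user):
    # This copy was later patched to also require an active account;
    # delete_user_v1 never received the same fix: a patch gap.
    if user.get("role") != "admin" or not user.get("active", False):
        raise Forbidden("active admin only")
    return "exported"


# --- After: one shared policy, applied to every endpoint as a decorator -----
def require_admin(handler):
    """Single place where 'is this caller an admin?' is defined and patched."""
    @wraps(handler)
    def wrapper(user, *args, **kwargs):
        if user.get("role") != "admin" or not user.get("active", False):
            raise Forbidden("active admin only")
        return handler(user, *args, **kwargs)
    return wrapper


@require_admin
def delete_user(user, target_id):
    return f"deleted {target_id}"


@require_admin
def export_users(user):
    return "exported"


def allowed(handler, *args):
    """Returns True if the handler runs, False if the policy rejects the call.
    One test of the shared decorator now covers every decorated call site."""
    try:
        handler(*args)
        return True
    except Forbidden:
        return False
```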
How SiteShadow detects it (high level)
- Uses similarity/duplication heuristics across files to flag repeated logic.
- Highlights duplication in security-sensitive areas (auth, validation, crypto, file handling).
References
- DRY Principle: https://en.wikipedia.org/wiki/Don%27t_repeat_yourself
---