hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll

Browse Source 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
This commit is contained in:
Alessio Della Libera
2020-08-16 14:34:19 +02:00
committed by GitHub
parent 05ffd672d7
commit 1ba39e4130
1 changed files with 1 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll
View File

@@ -146,10 +146,7 @@ module InsecureCookie {
override predicate isInsecure() {
// A cookie is insecure if there are not cookie options with the `secure` flag set to `true`.
not exists(DataFlow::SourceNode cookieOptions |
cookieOptions = this.getCookieOptionsArgument() and
getCookieFlagValue(flag()).mayHaveBooleanValue(true)
)
not getCookieFlagValue(flag()).mayHaveBooleanValue(true)
}
}
}