hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

python: format

Browse Source
This commit is contained in:
Rasmus Lerchedahl Petersen
2022-05-09 21:22:27 +02:00
parent 2a5908ff49
commit 1c7e533144
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql
View File

@@ -33,5 +33,5 @@ where
// We have seen examples of dummy projects with vulnerable settings alongside a main
// project with a protecting settings file. We want to rule out this scenario, so we
// require all non-test settings to be vulnerable.
forall( HTTP::Server::CsrfProtectionSetting s| relevantSetting(s) | vulnerableSetting(s) )
forall(HTTP::Server::CsrfProtectionSetting s | relevantSetting(s) | vulnerableSetting(s))
select setting, "Potential CSRF vulnerability due to forgery protection being disabled or weakened."