Rust: Account for the 'secure' and 'partitioned' attributes.

2025-12-17 01:03:14 +01:00 · 2025-09-19 12:39:50 +01:00
parent 257a1b0179
commit 2654affeee
8 changed files with 213 additions and 134 deletions
--- a/rust/ql/lib/codeql/rust/frameworks/biscotti.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/biscotti.model.yml
@@ -16,8 +16,8 @@ extensions:
      pack: codeql/rust-all
      extensible: summaryModel
    data:
-      - ["<biscotti::response_cookie::ResponseCookie>::set_secure", "Argument[self]", "ReturnValue", "taint", "manual"]
-      - ["<biscotti::response_cookie::ResponseCookie>::set_partitioned", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["<biscotti::response_cookie::ResponseCookie>::set_secure", "Argument[self].OptionalBarrier[cookie-secure-arg0]", "ReturnValue", "taint", "manual"]
+      - ["<biscotti::response_cookie::ResponseCookie>::set_partitioned", "Argument[self].OptionalBarrier[cookie-partitioned-arg0]", "ReturnValue", "taint", "manual"]
      - ["<biscotti::response_cookie::ResponseCookie>::set_name", "Argument[self]", "ReturnValue", "taint", "manual"]
      - ["<biscotti::response_cookie::ResponseCookie>::set_value", "Argument[self]", "ReturnValue", "taint", "manual"]
      - ["<biscotti::response_cookie::ResponseCookie>::set_http_only", "Argument[self]", "ReturnValue", "taint", "manual"]
--- a/rust/ql/lib/codeql/rust/frameworks/cookie.model.yml
+++ b/rust/ql/lib/codeql/rust/frameworks/cookie.model.yml
@@ -26,8 +26,8 @@ extensions:
      pack: codeql/rust-all
      extensible: summaryModel
    data:
-      - ["<cookie::builder::CookieBuilder>::secure", "Argument[self]", "ReturnValue", "taint", "manual"]
-      - ["<cookie::builder::CookieBuilder>::partitioned", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["<cookie::builder::CookieBuilder>::secure", "Argument[self].OptionalBarrier[cookie-secure-arg0]", "ReturnValue", "taint", "manual"]
+      - ["<cookie::builder::CookieBuilder>::partitioned", "Argument[self].OptionalBarrier[cookie-partitioned-arg0]", "ReturnValue", "taint", "manual"]
      - ["<cookie::builder::CookieBuilder>::expires", "Argument[self]", "ReturnValue", "taint", "manual"]
      - ["<cookie::builder::CookieBuilder>::max_age", "Argument[self]", "ReturnValue", "taint", "manual"]
      - ["<cookie::builder::CookieBuilder>::domain", "Argument[self]", "ReturnValue", "taint", "manual"]
@@ -36,5 +36,5 @@ extensions:
      - ["<cookie::builder::CookieBuilder>::same_site", "Argument[self]", "ReturnValue", "taint", "manual"]
      - ["<cookie::builder::CookieBuilder>::permanent", "Argument[self]", "ReturnValue", "taint", "manual"]
      - ["<cookie::builder::CookieBuilder>::removal", "Argument[self]", "ReturnValue", "taint", "manual"]
-      - ["<cookie::Cookie>::set_secure", "Argument[self]", "ReturnValue", "taint", "manual"]
-      - ["<cookie::Cookie>::set_partitioned", "Argument[self]", "ReturnValue", "taint", "manual"]
+      - ["<cookie::Cookie>::set_secure", "Argument[self].OptionalBarrier[cookie-secure-arg0]", "ReturnValue", "taint", "manual"]
+      - ["<cookie::Cookie>::set_partitioned", "Argument[self].OptionalBarrier[cookie-partitioned-arg0]", "ReturnValue", "taint", "manual"]
--- a/rust/ql/lib/codeql/rust/security/InsecureCookieExtensions.qll
+++ b/rust/ql/lib/codeql/rust/security/InsecureCookieExtensions.qll
@@ -46,4 +46,36 @@ module InsecureCookie {
  private class ModelsAsDataSink extends Sink {
    ModelsAsDataSink() { sinkNode(this, "cookie-use") }
  }
+
+  /**
+   * Holds if cookie attribute `attrib` (`secure` or `partitioned`) is set to `value` (`true` or `false`) at `node`.
+   * A value that cannot be determined is treated as `false`.
+   *
+   * This references models-as-data optional barrier nodes, for example `OptionalBarrier[cookie-secure-arg0]`.
+   */
+  predicate cookieSetNode(DataFlow::Node node, string attrib, boolean value) {
+    exists(
+      FlowSummaryNode summaryNode, string barrierName, CallExprBase ce, int arg,
+      DataFlow::Node argNode
+    |
+      // decode a `cookie-`... optional barrier
+      DataflowImpl::optionalBarrier(summaryNode, barrierName) and
+      attrib = barrierName.regexpCapture("cookie-(secure|partitioned)-arg([0-9]+)", 1) and
+      arg = barrierName.regexpCapture("cookie-(secure|partitioned)-arg([0-9]+)", 2).toInt() and
+      // find a call and arg referenced by this optional barrier
+      ce.getStaticTarget() = summaryNode.getSummarizedCallable() and
+      ce.getArg(arg) = argNode.asExpr().getExpr() and
+      // check if the argument is always `true`
+      (
+        if
+          forex(DataFlow::Node argSourceNode | DataFlow::localFlow(argSourceNode, argNode) |
+            argSourceNode.asExpr().getExpr().(BooleanLiteralExpr).getTextValue() = "true"
+          )
+        then value = true // `true` flow to here
+        else value = false // `false` or unknown
+      ) and
+      // and the node `node` where this happens
+      node.asExpr().getExpr() = ce
+    )
+  }
 }
--- a/rust/ql/src/queries/security/CWE-614/InsecureCookie.ql
+++ b/rust/ql/src/queries/security/CWE-614/InsecureCookie.ql
@@ -20,7 +20,8 @@ import codeql.rust.security.InsecureCookieExtensions

 /**
 * A data flow configuration for tracking values representing cookies without the
- * 'secure' attribute set.
+ * 'secure' attribute set. This is the primary data flow configurationn for this
+ * query.
 */
 module InsecureCookieConfig implements DataFlow::ConfigSig {
  import InsecureCookie
@@ -28,6 +29,9 @@ module InsecureCookieConfig implements DataFlow::ConfigSig {
  predicate isSource(DataFlow::Node node) {
    // creation of a cookie or cookie configuration with default, insecure settings
    node instanceof Source
+    or
+    // setting the 'secure' attribute to false (or an unknown value)
+    cookieSetNode(node, "secure", false)
  }

  predicate isSink(DataFlow::Node node) {
@@ -36,6 +40,37 @@ module InsecureCookieConfig implements DataFlow::ConfigSig {
  }

  predicate isBarrier(DataFlow::Node node) {
+    // setting the 'secure' attribute to true
+    cookieSetNode(node, "secure", true)
+    or
+    node instanceof Barrier
+  }
+
+  predicate observeDiffInformedIncrementalMode() { any() }
+}
+
+/**
+ * A data flow configuration for tracking values representing cookies with the
+ * 'partitioned' attribute set. This is a secondary data flow configuration used
+ * to filter out unwanted results.
+ */
+module PartitionedCookieConfig implements DataFlow::ConfigSig {
+  import InsecureCookie
+
+  predicate isSource(DataFlow::Node node) {
+    // setting the 'partitioned' attribute to true
+    cookieSetNode(node, "partitioned", true)
+  }
+
+  predicate isSink(DataFlow::Node node) {
+    // use of a cookie or cookie configuration
+    node instanceof Sink
+  }
+
+  predicate isBarrier(DataFlow::Node node) {
+    // setting the 'partitioned' attribute to false (or an unknown value)
+    cookieSetNode(node, "partitioned", false)
+    or
    node instanceof Barrier
  }

@@ -44,9 +79,12 @@ module InsecureCookieConfig implements DataFlow::ConfigSig {

 module InsecureCookieFlow = TaintTracking::Global<InsecureCookieConfig>;

+module PartitionedCookieFlow = TaintTracking::Global<PartitionedCookieConfig>;
+
 import InsecureCookieFlow::PathGraph

 from InsecureCookieFlow::PathNode sourceNode, InsecureCookieFlow::PathNode sinkNode
 where
-  InsecureCookieFlow::flowPath(sourceNode, sinkNode)
+  InsecureCookieFlow::flowPath(sourceNode, sinkNode) and
+  not PartitionedCookieFlow::flow(_, sinkNode.getNode())
 select sinkNode.getNode(), sourceNode, sinkNode, "Cookie attribute 'Secure' is not set to true."
--- a/rust/ql/test/query-tests/security/CWE-614/CookieSet.expected
+++ b/rust/ql/test/query-tests/security/CWE-614/CookieSet.expected
@@ -0,0 +1,44 @@
+| main.rs:8:19:8:64 | ... .secure(...) | secure | false |
+| main.rs:12:19:12:63 | ... .secure(...) | secure | true |
+| main.rs:20:5:20:54 | ... .secure(...) | secure | false |
+| main.rs:21:5:21:55 | ... .secure(...) | secure | false |
+| main.rs:24:5:24:51 | ... .secure(...) | secure | false |
+| main.rs:25:5:25:52 | ... .secure(...) | secure | false |
+| main.rs:26:5:26:50 | ... .secure(...) | secure | false |
+| main.rs:27:5:27:51 | ... .secure(...) | secure | false |
+| main.rs:28:5:28:60 | ... .secure(...) | secure | false |
+| main.rs:29:5:29:60 | ... .secure(...) | secure | false |
+| main.rs:33:9:33:58 | ... .secure(...) | secure | false |
+| main.rs:35:9:35:58 | ... .secure(...) | secure | false |
+| main.rs:39:5:39:53 | ... .secure(...) | secure | false |
+| main.rs:40:5:40:64 | ... .secure(...) | secure | false |
+| main.rs:41:5:41:93 | ... .secure(...) | secure | false |
+| main.rs:42:5:42:72 | ... .secure(...) | secure | false |
+| main.rs:43:5:43:60 | ... .secure(...) | secure | false |
+| main.rs:44:5:44:66 | ... .secure(...) | secure | false |
+| main.rs:45:5:45:86 | ... .secure(...) | secure | false |
+| main.rs:46:5:46:62 | ... .secure(...) | secure | false |
+| main.rs:47:5:47:60 | ... .secure(...) | secure | false |
+| main.rs:48:5:48:50 | ... .secure(...) | secure | false |
+| main.rs:49:5:49:39 | ... .secure(...) | secure | false |
+| main.rs:50:5:50:54 | ... .secure(...) | secure | false |
+| main.rs:53:5:53:49 | ... .secure(...) | secure | true |
+| main.rs:53:5:53:63 | ... .secure(...) | secure | false |
+| main.rs:54:5:54:50 | ... .secure(...) | secure | false |
+| main.rs:54:5:54:63 | ... .secure(...) | secure | true |
+| main.rs:61:5:61:22 | a.set_secure(...) | secure | true |
+| main.rs:63:5:63:23 | a.set_secure(...) | secure | false |
+| main.rs:71:5:71:27 | b.set_secure(...) | secure | false |
+| main.rs:73:5:73:22 | b.set_secure(...) | secure | true |
+| main.rs:81:9:81:26 | c.set_secure(...) | secure | true |
+| main.rs:84:5:84:22 | c.set_secure(...) | secure | true |
+| main.rs:90:9:90:26 | c.set_secure(...) | secure | true |
+| main.rs:92:9:92:31 | c.set_partitioned(...) | partitioned | true |
+| main.rs:109:9:109:26 | e.set_secure(...) | secure | true |
+| main.rs:114:5:114:54 | ... .partitioned(...) | partitioned | true |
+| main.rs:126:13:126:30 | a.set_secure(...) | secure | true |
+| main.rs:130:13:130:31 | b.set_secure(...) | secure | false |
+| main.rs:134:13:134:35 | c.set_partitioned(...) | partitioned | true |
+| main.rs:138:13:138:30 | d.set_secure(...) | secure | true |
+| main.rs:142:13:142:36 | e.set_partitioned(...) | partitioned | false |
+| main.rs:146:13:146:31 | f.set_secure(...) | secure | false |
--- a/rust/ql/test/query-tests/security/CWE-614/CookieSet.ql
+++ b/rust/ql/test/query-tests/security/CWE-614/CookieSet.ql
@@ -0,0 +1,7 @@
+import rust
+import codeql.rust.dataflow.DataFlow
+import codeql.rust.security.InsecureCookieExtensions
+
+from DataFlow::Node node, string state, boolean value
+where InsecureCookie::cookieSetNode(node, state, value)
+select node, state, value
--- a/rust/ql/test/query-tests/security/CWE-614/InsecureCookie.expected
+++ b/rust/ql/test/query-tests/security/CWE-614/InsecureCookie.expected
@@ -1,31 +1,52 @@
 #select
 | main.rs:8:66:8:70 | build | main.rs:8:19:8:31 | ...::build | main.rs:8:66:8:70 | build | Cookie attribute 'Secure' is not set to true. |
-| main.rs:12:65:12:69 | build | main.rs:12:19:12:31 | ...::build | main.rs:12:65:12:69 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:8:66:8:70 | build | main.rs:8:19:8:64 | ... .secure(...) | main.rs:8:66:8:70 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:16:52:16:56 | build | main.rs:16:19:16:31 | ...::build | main.rs:16:52:16:56 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:20:56:20:60 | build | main.rs:20:5:20:17 | ...::build | main.rs:20:56:20:60 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:20:56:20:60 | build | main.rs:20:5:20:54 | ... .secure(...) | main.rs:20:56:20:60 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:21:57:21:61 | build | main.rs:21:5:21:17 | ...::build | main.rs:21:57:21:61 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:21:57:21:61 | build | main.rs:21:5:21:55 | ... .secure(...) | main.rs:21:57:21:61 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:24:53:24:57 | build | main.rs:24:5:24:17 | ...::build | main.rs:24:53:24:57 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:24:53:24:57 | build | main.rs:24:5:24:51 | ... .secure(...) | main.rs:24:53:24:57 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:25:54:25:58 | build | main.rs:25:5:25:17 | ...::build | main.rs:25:54:25:58 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:25:54:25:58 | build | main.rs:25:5:25:52 | ... .secure(...) | main.rs:25:54:25:58 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:26:52:26:56 | build | main.rs:26:5:26:17 | ...::build | main.rs:26:52:26:56 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:26:52:26:56 | build | main.rs:26:5:26:50 | ... .secure(...) | main.rs:26:52:26:56 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:27:53:27:57 | build | main.rs:27:5:27:17 | ...::build | main.rs:27:53:27:57 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:27:53:27:57 | build | main.rs:27:5:27:51 | ... .secure(...) | main.rs:27:53:27:57 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:28:62:28:66 | build | main.rs:28:5:28:17 | ...::build | main.rs:28:62:28:66 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:28:62:28:66 | build | main.rs:28:5:28:60 | ... .secure(...) | main.rs:28:62:28:66 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:29:62:29:66 | build | main.rs:29:5:29:17 | ...::build | main.rs:29:62:29:66 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:29:62:29:66 | build | main.rs:29:5:29:60 | ... .secure(...) | main.rs:29:62:29:66 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:33:60:33:64 | build | main.rs:33:9:33:21 | ...::build | main.rs:33:60:33:64 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:33:60:33:64 | build | main.rs:33:9:33:58 | ... .secure(...) | main.rs:33:60:33:64 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:35:60:35:64 | build | main.rs:35:9:35:21 | ...::build | main.rs:35:60:35:64 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:35:60:35:64 | build | main.rs:35:9:35:58 | ... .secure(...) | main.rs:35:60:35:64 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:39:55:39:59 | build | main.rs:39:5:39:22 | ...::new | main.rs:39:55:39:59 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:39:55:39:59 | build | main.rs:39:5:39:53 | ... .secure(...) | main.rs:39:55:39:59 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:40:66:40:70 | build | main.rs:40:5:40:17 | ...::build | main.rs:40:66:40:70 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:40:66:40:70 | build | main.rs:40:5:40:64 | ... .secure(...) | main.rs:40:66:40:70 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:41:95:41:99 | build | main.rs:41:5:41:17 | ...::build | main.rs:41:95:41:99 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:41:95:41:99 | build | main.rs:41:5:41:93 | ... .secure(...) | main.rs:41:95:41:99 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:42:74:42:78 | build | main.rs:42:5:42:17 | ...::build | main.rs:42:74:42:78 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:42:74:42:78 | build | main.rs:42:5:42:72 | ... .secure(...) | main.rs:42:74:42:78 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:43:62:43:66 | build | main.rs:43:5:43:17 | ...::build | main.rs:43:62:43:66 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:43:62:43:66 | build | main.rs:43:5:43:60 | ... .secure(...) | main.rs:43:62:43:66 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:44:68:44:72 | build | main.rs:44:5:44:17 | ...::build | main.rs:44:68:44:72 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:44:68:44:72 | build | main.rs:44:5:44:66 | ... .secure(...) | main.rs:44:68:44:72 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:45:88:45:92 | build | main.rs:45:5:45:17 | ...::build | main.rs:45:88:45:92 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:45:88:45:92 | build | main.rs:45:5:45:86 | ... .secure(...) | main.rs:45:88:45:92 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:46:64:46:68 | build | main.rs:46:5:46:17 | ...::build | main.rs:46:64:46:68 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:46:64:46:68 | build | main.rs:46:5:46:62 | ... .secure(...) | main.rs:46:64:46:68 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:47:62:47:66 | build | main.rs:47:5:47:17 | ...::build | main.rs:47:62:47:66 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:47:62:47:66 | build | main.rs:47:5:47:60 | ... .secure(...) | main.rs:47:62:47:66 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:48:52:48:57 | finish | main.rs:48:5:48:17 | ...::build | main.rs:48:52:48:57 | finish | Cookie attribute 'Secure' is not set to true. |
+| main.rs:48:52:48:57 | finish | main.rs:48:5:48:50 | ... .secure(...) | main.rs:48:52:48:57 | finish | Cookie attribute 'Secure' is not set to true. |
 | main.rs:49:41:49:45 | build | main.rs:49:5:49:17 | ...::build | main.rs:49:41:49:45 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:49:41:49:45 | build | main.rs:49:5:49:39 | ... .secure(...) | main.rs:49:41:49:45 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:50:56:50:60 | build | main.rs:50:5:50:17 | ...::build | main.rs:50:56:50:60 | build | Cookie attribute 'Secure' is not set to true. |
-| main.rs:53:65:53:69 | build | main.rs:53:5:53:17 | ...::build | main.rs:53:65:53:69 | build | Cookie attribute 'Secure' is not set to true. |
-| main.rs:54:65:54:69 | build | main.rs:54:5:54:17 | ...::build | main.rs:54:65:54:69 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:50:56:50:60 | build | main.rs:50:5:50:54 | ... .secure(...) | main.rs:50:56:50:60 | build | Cookie attribute 'Secure' is not set to true. |
+| main.rs:53:65:53:69 | build | main.rs:53:5:53:63 | ... .secure(...) | main.rs:53:65:53:69 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:59:9:59:11 | add | main.rs:58:17:58:27 | ...::new | main.rs:59:9:59:11 | add | Cookie attribute 'Secure' is not set to true. |
 | main.rs:60:9:60:20 | add_original | main.rs:58:17:58:27 | ...::new | main.rs:60:9:60:20 | add_original | Cookie attribute 'Secure' is not set to true. |
 | main.rs:62:9:62:11 | add | main.rs:58:17:58:27 | ...::new | main.rs:62:9:62:11 | add | Cookie attribute 'Secure' is not set to true. |
@@ -40,14 +61,9 @@
 | main.rs:85:17:85:19 | add | main.rs:77:17:77:28 | ...::from | main.rs:85:17:85:19 | add | Cookie attribute 'Secure' is not set to true. |
 | main.rs:88:9:88:11 | add | main.rs:87:17:87:28 | ...::from | main.rs:88:9:88:11 | add | Cookie attribute 'Secure' is not set to true. |
 | main.rs:94:9:94:11 | add | main.rs:87:17:87:28 | ...::from | main.rs:94:9:94:11 | add | Cookie attribute 'Secure' is not set to true. |
-| main.rs:114:56:114:60 | build | main.rs:114:5:114:17 | ...::build | main.rs:114:56:114:60 | build | Cookie attribute 'Secure' is not set to true. |
 | main.rs:123:13:123:18 | insert | main.rs:122:13:122:41 | ...::new | main.rs:123:13:123:18 | insert | Cookie attribute 'Secure' is not set to true. |
-| main.rs:127:13:127:18 | insert | main.rs:122:13:122:41 | ...::new | main.rs:127:13:127:18 | insert | Cookie attribute 'Secure' is not set to true. |
-| main.rs:131:13:131:18 | insert | main.rs:122:13:122:41 | ...::new | main.rs:131:13:131:18 | insert | Cookie attribute 'Secure' is not set to true. |
-| main.rs:135:13:135:18 | insert | main.rs:122:13:122:41 | ...::new | main.rs:135:13:135:18 | insert | Cookie attribute 'Secure' is not set to true. |
-| main.rs:139:13:139:18 | insert | main.rs:122:13:122:41 | ...::new | main.rs:139:13:139:18 | insert | Cookie attribute 'Secure' is not set to true. |
-| main.rs:143:13:143:18 | insert | main.rs:122:13:122:41 | ...::new | main.rs:143:13:143:18 | insert | Cookie attribute 'Secure' is not set to true. |
-| main.rs:147:13:147:18 | insert | main.rs:122:13:122:41 | ...::new | main.rs:147:13:147:18 | insert | Cookie attribute 'Secure' is not set to true. |
+| main.rs:131:13:131:18 | insert | main.rs:130:13:130:31 | b.set_secure(...) | main.rs:131:13:131:18 | insert | Cookie attribute 'Secure' is not set to true. |
+| main.rs:147:13:147:18 | insert | main.rs:146:13:146:31 | f.set_secure(...) | main.rs:147:13:147:18 | insert | Cookie attribute 'Secure' is not set to true. |
 | main.rs:152:13:152:18 | insert | main.rs:151:13:151:42 | ...::from | main.rs:152:13:152:18 | insert | Cookie attribute 'Secure' is not set to true. |
 | main.rs:156:13:156:18 | insert | main.rs:155:13:155:41 | ...::new | main.rs:156:13:156:18 | insert | Cookie attribute 'Secure' is not set to true. |
 | main.rs:157:13:157:18 | insert | main.rs:155:13:155:41 | ...::new | main.rs:157:13:157:18 | insert | Cookie attribute 'Secure' is not set to true. |
@@ -63,95 +79,85 @@
 | main.rs:167:13:167:18 | insert | main.rs:155:13:155:41 | ...::new | main.rs:167:13:167:18 | insert | Cookie attribute 'Secure' is not set to true. |
 edges
 | main.rs:8:19:8:31 | ...::build | main.rs:8:19:8:50 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:8:19:8:50 | ...::build(...) | main.rs:8:19:8:64 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:8:19:8:50 | ...::build(...) | main.rs:8:19:8:64 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:8:19:8:64 | ... .secure(...) | main.rs:8:66:8:70 | build | provenance | MaD:2 Sink:MaD:2 |
-| main.rs:12:19:12:31 | ...::build | main.rs:12:19:12:50 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:12:19:12:50 | ...::build(...) | main.rs:12:19:12:63 | ... .secure(...) | provenance | MaD:41 |
-| main.rs:12:19:12:63 | ... .secure(...) | main.rs:12:65:12:69 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:16:19:16:31 | ...::build | main.rs:16:19:16:50 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
 | main.rs:16:19:16:50 | ...::build(...) | main.rs:16:52:16:56 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:20:5:20:17 | ...::build | main.rs:20:5:20:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:20:5:20:36 | ...::build(...) | main.rs:20:5:20:54 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:20:5:20:36 | ...::build(...) | main.rs:20:5:20:54 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:20:5:20:54 | ... .secure(...) | main.rs:20:56:20:60 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:21:5:21:17 | ...::build | main.rs:21:5:21:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:21:5:21:36 | ...::build(...) | main.rs:21:5:21:55 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:21:5:21:36 | ...::build(...) | main.rs:21:5:21:55 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:21:5:21:55 | ... .secure(...) | main.rs:21:57:21:61 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:24:5:24:17 | ...::build | main.rs:24:5:24:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:24:5:24:36 | ...::build(...) | main.rs:24:5:24:51 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:24:5:24:36 | ...::build(...) | main.rs:24:5:24:51 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:24:5:24:51 | ... .secure(...) | main.rs:24:53:24:57 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:25:5:25:17 | ...::build | main.rs:25:5:25:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:25:5:25:36 | ...::build(...) | main.rs:25:5:25:52 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:25:5:25:36 | ...::build(...) | main.rs:25:5:25:52 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:25:5:25:52 | ... .secure(...) | main.rs:25:54:25:58 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:26:5:26:17 | ...::build | main.rs:26:5:26:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:26:5:26:36 | ...::build(...) | main.rs:26:5:26:50 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:26:5:26:36 | ...::build(...) | main.rs:26:5:26:50 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:26:5:26:50 | ... .secure(...) | main.rs:26:52:26:56 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:27:5:27:17 | ...::build | main.rs:27:5:27:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:27:5:27:36 | ...::build(...) | main.rs:27:5:27:51 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:27:5:27:36 | ...::build(...) | main.rs:27:5:27:51 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:27:5:27:51 | ... .secure(...) | main.rs:27:53:27:57 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:28:5:28:17 | ...::build | main.rs:28:5:28:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:28:5:28:36 | ...::build(...) | main.rs:28:5:28:60 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:28:5:28:36 | ...::build(...) | main.rs:28:5:28:60 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:28:5:28:60 | ... .secure(...) | main.rs:28:62:28:66 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:29:5:29:17 | ...::build | main.rs:29:5:29:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:29:5:29:36 | ...::build(...) | main.rs:29:5:29:60 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:29:5:29:36 | ...::build(...) | main.rs:29:5:29:60 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:29:5:29:60 | ... .secure(...) | main.rs:29:62:29:66 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:33:9:33:21 | ...::build | main.rs:33:9:33:40 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:33:9:33:40 | ...::build(...) | main.rs:33:9:33:58 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:33:9:33:40 | ...::build(...) | main.rs:33:9:33:58 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:33:9:33:58 | ... .secure(...) | main.rs:33:60:33:64 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:35:9:35:21 | ...::build | main.rs:35:9:35:40 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:35:9:35:40 | ...::build(...) | main.rs:35:9:35:58 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:35:9:35:40 | ...::build(...) | main.rs:35:9:35:58 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:35:9:35:58 | ... .secure(...) | main.rs:35:60:35:64 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:39:5:39:22 | ...::new | main.rs:39:5:39:39 | ...::new(...) | provenance | Src:MaD:16 MaD:16 |
-| main.rs:39:5:39:39 | ...::new(...) | main.rs:39:5:39:53 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:39:5:39:39 | ...::new(...) | main.rs:39:5:39:53 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:39:5:39:53 | ... .secure(...) | main.rs:39:55:39:59 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:40:5:40:17 | ...::build | main.rs:40:5:40:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:40:5:40:36 | ...::build(...) | main.rs:40:5:40:50 | ... .expires(...) | provenance | MaD:33 |
-| main.rs:40:5:40:50 | ... .expires(...) | main.rs:40:5:40:64 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:40:5:40:36 | ...::build(...) | main.rs:40:5:40:50 | ... .expires(...) | provenance | MaD:32 |
+| main.rs:40:5:40:50 | ... .expires(...) | main.rs:40:5:40:64 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:40:5:40:64 | ... .secure(...) | main.rs:40:66:40:70 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:41:5:41:17 | ...::build | main.rs:41:5:41:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:41:5:41:36 | ...::build(...) | main.rs:41:5:41:79 | ... .max_age(...) | provenance | MaD:35 |
-| main.rs:41:5:41:79 | ... .max_age(...) | main.rs:41:5:41:93 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:41:5:41:36 | ...::build(...) | main.rs:41:5:41:79 | ... .max_age(...) | provenance | MaD:34 |
+| main.rs:41:5:41:79 | ... .max_age(...) | main.rs:41:5:41:93 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:41:5:41:93 | ... .secure(...) | main.rs:41:95:41:99 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:42:5:42:17 | ...::build | main.rs:42:5:42:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:42:5:42:36 | ...::build(...) | main.rs:42:5:42:58 | ... .domain(...) | provenance | MaD:32 |
-| main.rs:42:5:42:58 | ... .domain(...) | main.rs:42:5:42:72 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:42:5:42:36 | ...::build(...) | main.rs:42:5:42:58 | ... .domain(...) | provenance | MaD:31 |
+| main.rs:42:5:42:58 | ... .domain(...) | main.rs:42:5:42:72 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:42:5:42:72 | ... .secure(...) | main.rs:42:74:42:78 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:43:5:43:17 | ...::build | main.rs:43:5:43:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:43:5:43:36 | ...::build(...) | main.rs:43:5:43:46 | ... .path(...) | provenance | MaD:37 |
-| main.rs:43:5:43:46 | ... .path(...) | main.rs:43:5:43:60 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:43:5:43:36 | ...::build(...) | main.rs:43:5:43:46 | ... .path(...) | provenance | MaD:36 |
+| main.rs:43:5:43:46 | ... .path(...) | main.rs:43:5:43:60 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:43:5:43:60 | ... .secure(...) | main.rs:43:62:43:66 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:44:5:44:17 | ...::build | main.rs:44:5:44:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:44:5:44:36 | ...::build(...) | main.rs:44:5:44:52 | ... .http_only(...) | provenance | MaD:34 |
-| main.rs:44:5:44:52 | ... .http_only(...) | main.rs:44:5:44:66 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:44:5:44:36 | ...::build(...) | main.rs:44:5:44:52 | ... .http_only(...) | provenance | MaD:33 |
+| main.rs:44:5:44:52 | ... .http_only(...) | main.rs:44:5:44:66 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:44:5:44:66 | ... .secure(...) | main.rs:44:68:44:72 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:45:5:45:17 | ...::build | main.rs:45:5:45:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:45:5:45:36 | ...::build(...) | main.rs:45:5:45:72 | ... .same_site(...) | provenance | MaD:40 |
-| main.rs:45:5:45:72 | ... .same_site(...) | main.rs:45:5:45:86 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:45:5:45:36 | ...::build(...) | main.rs:45:5:45:72 | ... .same_site(...) | provenance | MaD:39 |
+| main.rs:45:5:45:72 | ... .same_site(...) | main.rs:45:5:45:86 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:45:5:45:86 | ... .secure(...) | main.rs:45:88:45:92 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:46:5:46:17 | ...::build | main.rs:46:5:46:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:46:5:46:36 | ...::build(...) | main.rs:46:5:46:48 | ... .permanent() | provenance | MaD:38 |
-| main.rs:46:5:46:48 | ... .permanent() | main.rs:46:5:46:62 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:46:5:46:36 | ...::build(...) | main.rs:46:5:46:48 | ... .permanent() | provenance | MaD:37 |
+| main.rs:46:5:46:48 | ... .permanent() | main.rs:46:5:46:62 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:46:5:46:62 | ... .secure(...) | main.rs:46:64:46:68 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:47:5:47:17 | ...::build | main.rs:47:5:47:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:47:5:47:36 | ...::build(...) | main.rs:47:5:47:46 | ... .removal() | provenance | MaD:39 |
-| main.rs:47:5:47:46 | ... .removal() | main.rs:47:5:47:60 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:47:5:47:36 | ...::build(...) | main.rs:47:5:47:46 | ... .removal() | provenance | MaD:38 |
+| main.rs:47:5:47:46 | ... .removal() | main.rs:47:5:47:60 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:47:5:47:60 | ... .secure(...) | main.rs:47:62:47:66 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:48:5:48:17 | ...::build | main.rs:48:5:48:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:48:5:48:36 | ...::build(...) | main.rs:48:5:48:50 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:48:5:48:36 | ...::build(...) | main.rs:48:5:48:50 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:48:5:48:50 | ... .secure(...) | main.rs:48:52:48:57 | finish | provenance | MaD:3 Sink:MaD:3 |
 | main.rs:49:5:49:17 | ...::build | main.rs:49:5:49:25 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:49:5:49:25 | ...::build(...) | main.rs:49:5:49:39 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:49:5:49:25 | ...::build(...) | main.rs:49:5:49:39 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:49:5:49:39 | ... .secure(...) | main.rs:49:41:49:45 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:50:5:50:17 | ...::build | main.rs:50:5:50:40 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:50:5:50:40 | ...::build(...) | main.rs:50:5:50:54 | ... .secure(...) | provenance | MaD:41 |
+| main.rs:50:5:50:40 | ...::build(...) | main.rs:50:5:50:54 | ... .secure(...) | provenance | MaD:40 |
 | main.rs:50:5:50:54 | ... .secure(...) | main.rs:50:56:50:60 | build | provenance | MaD:2 Sink:MaD:2 |
-| main.rs:53:5:53:17 | ...::build | main.rs:53:5:53:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:53:5:53:36 | ...::build(...) | main.rs:53:5:53:49 | ... .secure(...) | provenance | MaD:41 |
-| main.rs:53:5:53:49 | ... .secure(...) | main.rs:53:5:53:63 | ... .secure(...) | provenance | MaD:41 |
 | main.rs:53:5:53:63 | ... .secure(...) | main.rs:53:65:53:69 | build | provenance | MaD:2 Sink:MaD:2 |
-| main.rs:54:5:54:17 | ...::build | main.rs:54:5:54:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:54:5:54:36 | ...::build(...) | main.rs:54:5:54:50 | ... .secure(...) | provenance | MaD:41 |
-| main.rs:54:5:54:50 | ... .secure(...) | main.rs:54:5:54:63 | ... .secure(...) | provenance | MaD:41 |
-| main.rs:54:5:54:63 | ... .secure(...) | main.rs:54:65:54:69 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:58:9:58:13 | mut a | main.rs:59:13:59:13 | a | provenance |  |
 | main.rs:58:9:58:13 | mut a | main.rs:59:13:59:21 | a.clone() | provenance | MaD:17 |
 | main.rs:58:9:58:13 | mut a | main.rs:60:22:60:22 | a | provenance |  |
@@ -217,21 +223,14 @@ edges
 | main.rs:94:13:94:13 | d | main.rs:94:13:94:21 | d.clone() | provenance | MaD:17 |
 | main.rs:94:13:94:21 | d.clone() | main.rs:94:9:94:11 | add | provenance | MaD:4 Sink:MaD:4 |
 | main.rs:114:5:114:17 | ...::build | main.rs:114:5:114:36 | ...::build(...) | provenance | Src:MaD:13 MaD:13 |
-| main.rs:114:5:114:36 | ...::build(...) | main.rs:114:5:114:54 | ... .partitioned(...) | provenance | MaD:36 |
+| main.rs:114:5:114:36 | ...::build(...) | main.rs:114:5:114:54 | ... .partitioned(...) | provenance | MaD:35 |
 | main.rs:114:5:114:54 | ... .partitioned(...) | main.rs:114:56:114:60 | build | provenance | MaD:2 Sink:MaD:2 |
 | main.rs:122:9:122:9 | a | main.rs:123:20:123:20 | a | provenance |  |
 | main.rs:122:9:122:9 | a | main.rs:123:20:123:28 | a.clone() | provenance | MaD:17 |
-| main.rs:122:9:122:9 | a | main.rs:126:13:126:30 | a.set_secure(...) | provenance | MaD:27 |
 | main.rs:122:13:122:41 | ...::new | main.rs:122:13:122:58 | ...::new(...) | provenance | Src:MaD:11 MaD:11 |
 | main.rs:122:13:122:58 | ...::new(...) | main.rs:122:9:122:9 | a | provenance |  |
 | main.rs:123:20:123:20 | a | main.rs:123:20:123:28 | a.clone() | provenance | MaD:17 |
 | main.rs:123:20:123:28 | a.clone() | main.rs:123:13:123:18 | insert | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:126:9:126:9 | b | main.rs:127:20:127:20 | b | provenance |  |
-| main.rs:126:9:126:9 | b | main.rs:127:20:127:28 | b.clone() | provenance | MaD:17 |
-| main.rs:126:9:126:9 | b | main.rs:130:13:130:31 | b.set_secure(...) | provenance | MaD:27 |
-| main.rs:126:13:126:30 | a.set_secure(...) | main.rs:126:9:126:9 | b | provenance |  |
-| main.rs:127:20:127:20 | b | main.rs:127:20:127:28 | b.clone() | provenance | MaD:17 |
-| main.rs:127:20:127:28 | b.clone() | main.rs:127:13:127:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:130:9:130:9 | c | main.rs:131:20:131:20 | c | provenance |  |
 | main.rs:130:9:130:9 | c | main.rs:131:20:131:28 | c.clone() | provenance | MaD:17 |
 | main.rs:130:9:130:9 | c | main.rs:134:13:134:35 | c.set_partitioned(...) | provenance | MaD:24 |
@@ -240,22 +239,9 @@ edges
 | main.rs:131:20:131:28 | c.clone() | main.rs:131:13:131:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:134:9:134:9 | d | main.rs:135:20:135:20 | d | provenance |  |
 | main.rs:134:9:134:9 | d | main.rs:135:20:135:28 | d.clone() | provenance | MaD:17 |
-| main.rs:134:9:134:9 | d | main.rs:138:13:138:30 | d.set_secure(...) | provenance | MaD:27 |
 | main.rs:134:13:134:35 | c.set_partitioned(...) | main.rs:134:9:134:9 | d | provenance |  |
 | main.rs:135:20:135:20 | d | main.rs:135:20:135:28 | d.clone() | provenance | MaD:17 |
 | main.rs:135:20:135:28 | d.clone() | main.rs:135:13:135:18 | insert | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:138:9:138:9 | e | main.rs:139:20:139:20 | e | provenance |  |
-| main.rs:138:9:138:9 | e | main.rs:139:20:139:28 | e.clone() | provenance | MaD:17 |
-| main.rs:138:9:138:9 | e | main.rs:142:13:142:36 | e.set_partitioned(...) | provenance | MaD:24 |
-| main.rs:138:13:138:30 | d.set_secure(...) | main.rs:138:9:138:9 | e | provenance |  |
-| main.rs:139:20:139:20 | e | main.rs:139:20:139:28 | e.clone() | provenance | MaD:17 |
-| main.rs:139:20:139:28 | e.clone() | main.rs:139:13:139:18 | insert | provenance | MaD:1 Sink:MaD:1 |
-| main.rs:142:9:142:9 | f | main.rs:143:20:143:20 | f | provenance |  |
-| main.rs:142:9:142:9 | f | main.rs:143:20:143:28 | f.clone() | provenance | MaD:17 |
-| main.rs:142:9:142:9 | f | main.rs:146:13:146:31 | f.set_secure(...) | provenance | MaD:27 |
-| main.rs:142:13:142:36 | e.set_partitioned(...) | main.rs:142:9:142:9 | f | provenance |  |
-| main.rs:143:20:143:20 | f | main.rs:143:20:143:28 | f.clone() | provenance | MaD:17 |
-| main.rs:143:20:143:28 | f.clone() | main.rs:143:13:143:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:146:9:146:9 | g | main.rs:147:20:147:20 | g | provenance |  |
 | main.rs:146:9:146:9 | g | main.rs:147:20:147:28 | g.clone() | provenance | MaD:17 |
 | main.rs:146:13:146:31 | f.set_secure(...) | main.rs:146:9:146:9 | g | provenance |  |
@@ -295,7 +281,7 @@ edges
 | main.rs:156:20:156:28 | i.clone() | main.rs:156:20:156:46 | ... .set_name(...) | provenance | MaD:23 |
 | main.rs:156:20:156:46 | ... .set_name(...) | main.rs:156:13:156:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:157:20:157:20 | i | main.rs:157:20:157:28 | i.clone() | provenance | MaD:17 |
-| main.rs:157:20:157:28 | i.clone() | main.rs:157:20:157:48 | ... .set_value(...) | provenance | MaD:28 |
+| main.rs:157:20:157:28 | i.clone() | main.rs:157:20:157:48 | ... .set_value(...) | provenance | MaD:27 |
 | main.rs:157:20:157:48 | ... .set_value(...) | main.rs:157:13:157:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:158:20:158:20 | i | main.rs:158:20:158:28 | i.clone() | provenance | MaD:17 |
 | main.rs:158:20:158:28 | i.clone() | main.rs:158:20:158:48 | ... .set_http_only(...) | provenance | MaD:21 |
@@ -310,19 +296,19 @@ edges
 | main.rs:161:20:161:28 | i.clone() | main.rs:161:20:161:42 | ... .set_path(...) | provenance | MaD:25 |
 | main.rs:161:20:161:42 | ... .set_path(...) | main.rs:161:13:161:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:162:20:162:20 | i | main.rs:162:20:162:28 | i.clone() | provenance | MaD:17 |
-| main.rs:162:20:162:28 | i.clone() | main.rs:162:20:162:41 | ... .unset_path() | provenance | MaD:31 |
+| main.rs:162:20:162:28 | i.clone() | main.rs:162:20:162:41 | ... .unset_path() | provenance | MaD:30 |
 | main.rs:162:20:162:41 | ... .unset_path() | main.rs:162:13:162:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:163:20:163:20 | i | main.rs:163:20:163:28 | i.clone() | provenance | MaD:17 |
 | main.rs:163:20:163:28 | i.clone() | main.rs:163:20:163:54 | ... .set_domain(...) | provenance | MaD:19 |
 | main.rs:163:20:163:54 | ... .set_domain(...) | main.rs:163:13:163:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:164:20:164:20 | i | main.rs:164:20:164:28 | i.clone() | provenance | MaD:17 |
-| main.rs:164:20:164:28 | i.clone() | main.rs:164:20:164:43 | ... .unset_domain() | provenance | MaD:29 |
+| main.rs:164:20:164:28 | i.clone() | main.rs:164:20:164:43 | ... .unset_domain() | provenance | MaD:28 |
 | main.rs:164:20:164:43 | ... .unset_domain() | main.rs:164:13:164:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:165:20:165:20 | i | main.rs:165:20:165:28 | i.clone() | provenance | MaD:17 |
 | main.rs:165:20:165:28 | i.clone() | main.rs:165:20:165:46 | ... .set_expires(...) | provenance | MaD:20 |
 | main.rs:165:20:165:46 | ... .set_expires(...) | main.rs:165:13:165:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:166:20:166:20 | i | main.rs:166:20:166:28 | i.clone() | provenance | MaD:17 |
-| main.rs:166:20:166:28 | i.clone() | main.rs:166:20:166:44 | ... .unset_expires() | provenance | MaD:30 |
+| main.rs:166:20:166:28 | i.clone() | main.rs:166:20:166:44 | ... .unset_expires() | provenance | MaD:29 |
 | main.rs:166:20:166:44 | ... .unset_expires() | main.rs:166:13:166:18 | insert | provenance | MaD:1 Sink:MaD:1 |
 | main.rs:167:20:167:20 | i | main.rs:167:20:167:28 | i.clone() | provenance | MaD:17 |
 | main.rs:167:20:167:28 | i.clone() | main.rs:167:20:167:45 | ... .make_permanent() | provenance | MaD:18 |
@@ -351,33 +337,28 @@ models
 | 21 | Summary: <biscotti::response_cookie::ResponseCookie>::set_http_only; Argument[self]; ReturnValue; taint |
 | 22 | Summary: <biscotti::response_cookie::ResponseCookie>::set_max_age; Argument[self]; ReturnValue; taint |
 | 23 | Summary: <biscotti::response_cookie::ResponseCookie>::set_name; Argument[self]; ReturnValue; taint |
-| 24 | Summary: <biscotti::response_cookie::ResponseCookie>::set_partitioned; Argument[self]; ReturnValue; taint |
+| 24 | Summary: <biscotti::response_cookie::ResponseCookie>::set_partitioned; Argument[self].OptionalBarrier[cookie-partitioned-arg0]; ReturnValue; taint |
 | 25 | Summary: <biscotti::response_cookie::ResponseCookie>::set_path; Argument[self]; ReturnValue; taint |
 | 26 | Summary: <biscotti::response_cookie::ResponseCookie>::set_same_site; Argument[self]; ReturnValue; taint |
-| 27 | Summary: <biscotti::response_cookie::ResponseCookie>::set_secure; Argument[self]; ReturnValue; taint |
-| 28 | Summary: <biscotti::response_cookie::ResponseCookie>::set_value; Argument[self]; ReturnValue; taint |
-| 29 | Summary: <biscotti::response_cookie::ResponseCookie>::unset_domain; Argument[self]; ReturnValue; taint |
-| 30 | Summary: <biscotti::response_cookie::ResponseCookie>::unset_expires; Argument[self]; ReturnValue; taint |
-| 31 | Summary: <biscotti::response_cookie::ResponseCookie>::unset_path; Argument[self]; ReturnValue; taint |
-| 32 | Summary: <cookie::builder::CookieBuilder>::domain; Argument[self]; ReturnValue; taint |
-| 33 | Summary: <cookie::builder::CookieBuilder>::expires; Argument[self]; ReturnValue; taint |
-| 34 | Summary: <cookie::builder::CookieBuilder>::http_only; Argument[self]; ReturnValue; taint |
-| 35 | Summary: <cookie::builder::CookieBuilder>::max_age; Argument[self]; ReturnValue; taint |
-| 36 | Summary: <cookie::builder::CookieBuilder>::partitioned; Argument[self]; ReturnValue; taint |
-| 37 | Summary: <cookie::builder::CookieBuilder>::path; Argument[self]; ReturnValue; taint |
-| 38 | Summary: <cookie::builder::CookieBuilder>::permanent; Argument[self]; ReturnValue; taint |
-| 39 | Summary: <cookie::builder::CookieBuilder>::removal; Argument[self]; ReturnValue; taint |
-| 40 | Summary: <cookie::builder::CookieBuilder>::same_site; Argument[self]; ReturnValue; taint |
-| 41 | Summary: <cookie::builder::CookieBuilder>::secure; Argument[self]; ReturnValue; taint |
+| 27 | Summary: <biscotti::response_cookie::ResponseCookie>::set_value; Argument[self]; ReturnValue; taint |
+| 28 | Summary: <biscotti::response_cookie::ResponseCookie>::unset_domain; Argument[self]; ReturnValue; taint |
+| 29 | Summary: <biscotti::response_cookie::ResponseCookie>::unset_expires; Argument[self]; ReturnValue; taint |
+| 30 | Summary: <biscotti::response_cookie::ResponseCookie>::unset_path; Argument[self]; ReturnValue; taint |
+| 31 | Summary: <cookie::builder::CookieBuilder>::domain; Argument[self]; ReturnValue; taint |
+| 32 | Summary: <cookie::builder::CookieBuilder>::expires; Argument[self]; ReturnValue; taint |
+| 33 | Summary: <cookie::builder::CookieBuilder>::http_only; Argument[self]; ReturnValue; taint |
+| 34 | Summary: <cookie::builder::CookieBuilder>::max_age; Argument[self]; ReturnValue; taint |
+| 35 | Summary: <cookie::builder::CookieBuilder>::partitioned; Argument[self].OptionalBarrier[cookie-partitioned-arg0]; ReturnValue; taint |
+| 36 | Summary: <cookie::builder::CookieBuilder>::path; Argument[self]; ReturnValue; taint |
+| 37 | Summary: <cookie::builder::CookieBuilder>::permanent; Argument[self]; ReturnValue; taint |
+| 38 | Summary: <cookie::builder::CookieBuilder>::removal; Argument[self]; ReturnValue; taint |
+| 39 | Summary: <cookie::builder::CookieBuilder>::same_site; Argument[self]; ReturnValue; taint |
+| 40 | Summary: <cookie::builder::CookieBuilder>::secure; Argument[self].OptionalBarrier[cookie-secure-arg0]; ReturnValue; taint |
 nodes
 | main.rs:8:19:8:31 | ...::build | semmle.label | ...::build |
 | main.rs:8:19:8:50 | ...::build(...) | semmle.label | ...::build(...) |
 | main.rs:8:19:8:64 | ... .secure(...) | semmle.label | ... .secure(...) |
 | main.rs:8:66:8:70 | build | semmle.label | build |
-| main.rs:12:19:12:31 | ...::build | semmle.label | ...::build |
-| main.rs:12:19:12:50 | ...::build(...) | semmle.label | ...::build(...) |
-| main.rs:12:19:12:63 | ... .secure(...) | semmle.label | ... .secure(...) |
-| main.rs:12:65:12:69 | build | semmle.label | build |
 | main.rs:16:19:16:31 | ...::build | semmle.label | ...::build |
 | main.rs:16:19:16:50 | ...::build(...) | semmle.label | ...::build(...) |
 | main.rs:16:52:16:56 | build | semmle.label | build |
@@ -477,16 +458,8 @@ nodes
 | main.rs:50:5:50:40 | ...::build(...) | semmle.label | ...::build(...) |
 | main.rs:50:5:50:54 | ... .secure(...) | semmle.label | ... .secure(...) |
 | main.rs:50:56:50:60 | build | semmle.label | build |
-| main.rs:53:5:53:17 | ...::build | semmle.label | ...::build |
-| main.rs:53:5:53:36 | ...::build(...) | semmle.label | ...::build(...) |
-| main.rs:53:5:53:49 | ... .secure(...) | semmle.label | ... .secure(...) |
 | main.rs:53:5:53:63 | ... .secure(...) | semmle.label | ... .secure(...) |
 | main.rs:53:65:53:69 | build | semmle.label | build |
-| main.rs:54:5:54:17 | ...::build | semmle.label | ...::build |
-| main.rs:54:5:54:36 | ...::build(...) | semmle.label | ...::build(...) |
-| main.rs:54:5:54:50 | ... .secure(...) | semmle.label | ... .secure(...) |
-| main.rs:54:5:54:63 | ... .secure(...) | semmle.label | ... .secure(...) |
-| main.rs:54:65:54:69 | build | semmle.label | build |
 | main.rs:58:9:58:13 | mut a | semmle.label | mut a |
 | main.rs:58:17:58:27 | ...::new | semmle.label | ...::new |
 | main.rs:58:17:58:44 | ...::new(...) | semmle.label | ...::new(...) |
@@ -551,11 +524,6 @@ nodes
 | main.rs:123:13:123:18 | insert | semmle.label | insert |
 | main.rs:123:20:123:20 | a | semmle.label | a |
 | main.rs:123:20:123:28 | a.clone() | semmle.label | a.clone() |
-| main.rs:126:9:126:9 | b | semmle.label | b |
-| main.rs:126:13:126:30 | a.set_secure(...) | semmle.label | a.set_secure(...) |
-| main.rs:127:13:127:18 | insert | semmle.label | insert |
-| main.rs:127:20:127:20 | b | semmle.label | b |
-| main.rs:127:20:127:28 | b.clone() | semmle.label | b.clone() |
 | main.rs:130:9:130:9 | c | semmle.label | c |
 | main.rs:130:13:130:31 | b.set_secure(...) | semmle.label | b.set_secure(...) |
 | main.rs:131:13:131:18 | insert | semmle.label | insert |
@@ -566,16 +534,6 @@ nodes
 | main.rs:135:13:135:18 | insert | semmle.label | insert |
 | main.rs:135:20:135:20 | d | semmle.label | d |
 | main.rs:135:20:135:28 | d.clone() | semmle.label | d.clone() |
-| main.rs:138:9:138:9 | e | semmle.label | e |
-| main.rs:138:13:138:30 | d.set_secure(...) | semmle.label | d.set_secure(...) |
-| main.rs:139:13:139:18 | insert | semmle.label | insert |
-| main.rs:139:20:139:20 | e | semmle.label | e |
-| main.rs:139:20:139:28 | e.clone() | semmle.label | e.clone() |
-| main.rs:142:9:142:9 | f | semmle.label | f |
-| main.rs:142:13:142:36 | e.set_partitioned(...) | semmle.label | e.set_partitioned(...) |
-| main.rs:143:13:143:18 | insert | semmle.label | insert |
-| main.rs:143:20:143:20 | f | semmle.label | f |
-| main.rs:143:20:143:28 | f.clone() | semmle.label | f.clone() |
 | main.rs:146:9:146:9 | g | semmle.label | g |
 | main.rs:146:13:146:31 | f.set_secure(...) | semmle.label | f.set_secure(...) |
 | main.rs:147:13:147:18 | insert | semmle.label | insert |
--- a/rust/ql/test/query-tests/security/CWE-614/main.rs
+++ b/rust/ql/test/query-tests/security/CWE-614/main.rs
@@ -9,7 +9,7 @@ fn test_cookie(sometimes: bool) {
    println!("cookie1 = '{}'", cookie1.to_string());

    // secure set to true
-    let cookie2 = Cookie::build(("name", "value")).secure(true).build(); // $ SPURIOUS: Alert[rust/insecure-cookie]
+    let cookie2 = Cookie::build(("name", "value")).secure(true).build(); // good
    println!("cookie2 = '{}'", cookie2.to_string());

    // secure left as default (which is `None`, equivalent here to `false`)
@@ -51,7 +51,7 @@ fn test_cookie(sometimes: bool) {

    // edge cases
    Cookie::build(("name", "value")).secure(true).secure(false).build(); // $ Alert[rust/insecure-cookie]
-    Cookie::build(("name", "value")).secure(false).secure(true).build(); // $ SPURIOUS: Alert[rust/insecure-cookie]
+    Cookie::build(("name", "value")).secure(false).secure(true).build(); // good

    // mutable cookie
    let mut jar = CookieJar::new();
@@ -111,7 +111,7 @@ fn test_cookie(sometimes: bool) {
    }

    // partitioned (implies secure)
-    Cookie::build(("name", "value")).partitioned(true).build(); // $ SPURIOUS: Alert[rust/insecure-cookie]
+    Cookie::build(("name", "value")).partitioned(true).build(); // good
 }

 fn test_biscotti() {
@@ -124,7 +124,7 @@ fn test_biscotti() {
    println!("biscotti1 = {}", a.to_string());

    let b = a.set_secure(true);
-    cookies.insert(b.clone()); // $ SPURIOUS: Alert[rust/insecure-cookie]
+    cookies.insert(b.clone()); // good
    println!("biscotti2 = {}", b.to_string());

    let c = b.set_secure(false);
@@ -132,15 +132,15 @@ fn test_biscotti() {
    println!("biscotti3 = {}", c.to_string());

    let d = c.set_partitioned(true); // (implies secure)
-    cookies.insert(d.clone()); // $ SPURIOUS: Alert[rust/insecure-cookie]
+    cookies.insert(d.clone()); // good
    println!("biscotti4 = {}", d.to_string());

    let e = d.set_secure(true);
-    cookies.insert(e.clone()); // $ SPURIOUS: Alert[rust/insecure-cookie]
+    cookies.insert(e.clone()); // good
    println!("biscotti5 = {}", e.to_string());

    let f = e.set_partitioned(false);
-    cookies.insert(f.clone()); // $ SPURIOUS: Alert[rust/insecure-cookie]
+    cookies.insert(f.clone()); // good
    println!("biscotti6 = {}", f.to_string());

    let g = f.set_secure(false);