Mark test as bad-but-missed

This test case ought ideally to be caught by the query, but isn't by its current version.
Chris Smowton
2021-04-13 10:11:37 +01:00
parent d7f26dfc18
commit 45e1a61d7b


@@ -137,7 +137,9 @@ class SensitiveCookieNotHttpOnly {
response.addCookie(createCookie("refresh_token", refreshToken, true));
}
// GOOD - Tests set a sensitive cookie header with the `HttpOnly` flag not set through a boolean variable using a wrapper method.
// BAD (but not detected) - Tests set a sensitive cookie header with the `HttpOnly` flag not set through a boolean variable using a wrapper method.
// This example is missed because the `cookie.setHttpOnly` call in `createCookie` is thought to maybe set the HTTP-only flag, and the `cookie`
// object flows to this `addCookie` call.
public void addCookie15(HttpServletRequest request, HttpServletResponse response, String refreshToken) {
response.addCookie(createCookie("refresh_token", refreshToken, false));
}
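Review bot: The new comment on `addCookie15` explains why the case is missed but not what the query would need to do to catch it, so a reader cannot tell whether this is an accepted limitation or a pending improvement; consider closing it with `// Catching this would need the query to track the literal false passed to createCookie through to its setHttpOnly call.` (assuming, as the comment implies, that the third argument is what reaches `setHttpOnly`). The phrase "with the `HttpOnly` flag not set through a boolean variable using a wrapper method" is also hard to parse; "via a wrapper method whose boolean parameter controls `HttpOnly`" reads more clearly. Since the expected-results file for this test is not in the hunk, it is worth confirming it still lists no alert for this method so the false negative is recorded rather than silently accepted. The method preceding `addCookie15` starts outside the hunk.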