Add query-tests

This commit is contained in:
ubuntu
2020-08-16 15:02:52 +02:00
parent 3e9142bf71
commit 5d6e6be4e4
7 changed files with 129 additions and 0 deletions


@@ -0,0 +1,9 @@
| Cookie is added to response without the 'secure' flag being set to true (using cookie-session). | test_cookie-session.js:18:9:28:2 | session ... }\\n}) |
| Cookie is added to response without the 'secure' flag being set to true (using express-session). | test_express-session.js:5:9:8:2 | session ... T OK\\n}) |
| Cookie is added to response without the 'secure' flag being set to true (using express-session). | test_express-session.js:10:9:13:2 | session ... T OK\\n}) |
| Cookie is added to response without the 'secure' flag being set to true (using express-session). | test_express-session.js:15:9:18:2 | session ... T OK\\n}) |
| Cookie is added to response without the 'secure' flag being set to true (using express-session). | test_express-session.js:25:9:25:21 | session(sess) |
| Cookie is added to response without the 'secure' flag being set to true (using js-cookie). | test_jscookie.js:2:1:2:48 | js_cook ... alse }) |
| Cookie is added to response without the 'secure' flag being set to true (using response.cookie). | test_responseCookie.js:5:5:10:10 | res.coo ... }) |
| Cookie is added to response without the 'secure' flag being set to true (using response.cookie). | test_responseCookie.js:20:5:20:40 | res.coo ... ptions) |
| Cookie is added to response without the 'secure' flag being set to true (using set-cookie header). | test_httpserver.js:7:37:7:73 | ["type= ... cript"] |


@@ -0,0 +1 @@
experimental/Security/CWE-614/InsecureCookie.ql


@@ -0,0 +1,28 @@
const express = require('express')
const app = express()
const session = require('cookie-session')
const expiryDate = new Date(Date.now() + 60 * 60 * 1000)
app.use(session({
name: 'session',
keys: ['key1', 'key2'],
cookie: {
secure: true, // OK
httpOnly: true,
domain: 'example.com',
path: 'foo/bar',
expires: expiryDate
}
}))
app.use(session({
name: 'session',
keys: ['key1', 'key2'],
cookie: {
secure: false, // NOT OK
httpOnly: true,
domain: 'example.com',
path: 'foo/bar',
expires: expiryDate
}
}))
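Review bot: The nested `cookie: { secure: … }` object in both `session({...})` calls does not look like the option shape cookie-session actually reads; as far as I recall, `secure`, `httpOnly`, `domain`, `path` and `expires` are passed at the top level next to `name` and `keys`, so a nested `cookie` object would be silently ignored at runtime. If that is right, this fixture only exercises a shape real applications would not use, and the query may be matching the wrong property path. Confirm against the cookie-session README and, if so, add a top-level case such as `app.use(session({ name: 'session', keys: ['key1', 'key2'], secure: false, httpOnly: true })) // NOT OK` alongside the nested ones, since that is the form the query needs to flag.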


@@ -0,0 +1,33 @@
const express = require('express')
const app = express()
const session = require('express-session')
app.use(session({
secret: 'secret',
cookie: { secure: false } // NOT OK
}))
app.use(session({
secret: 'secret'
// NOT OK
}))
app.use(session({
secret: 'secret',
cookie: {} // NOT OK
}))
const sess = {
secret: 'secret',
cookie: { secure: false } // NOT OK
}
app.use(session(sess))
app.set('trust proxy', 1)
app.use(session({
secret: 'secret',
cookie: { secure: true } // OK
}))
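Review bot: There is no case for `cookie: { secure: 'auto' }`, which express-session accepts and which sets the flag only on TLS connections; the query should have a documented verdict for it (OK, or a separate lower-confidence result) rather than leaving it untested. The `app.set('trust proxy', 1)` line before the final OK case only matters for whether `secure: true` cookies are actually sent behind a TLS-terminating proxy, so a short comment would stop readers wondering whether the query depends on it, e.g. `// 'trust proxy' is needed for secure cookies behind a proxy; not part of what the query checks`. The `sess` variable case covers a single literal assignment only; a variant where `sess.cookie.secure` is reassigned between the literal and `session(sess)` would show whether the query follows later writes.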


@@ -0,0 +1,22 @@
const http = require('http');
function test1() {
const server = http.createServer((req, res) => {
res.setHeader('Content-Type', 'text/html');
// NOT OK
res.setHeader("Set-Cookie", ["type=ninja", "language=javascript"]);
res.writeHead(200, { 'Content-Type': 'text/plain' });
res.end('ok');
});
}
function test2() {
const server = http.createServer((req, res) => {
res.setHeader('Content-Type', 'text/html');
// OK
res.setHeader("Set-Cookie", ["type=ninja; Secure", "language=javascript; secure"]);
res.writeHead(200, { 'Content-Type': 'text/plain' });
res.end('ok');
});
}
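Review bot: Both `test1` and `test2` pass only an array to `setHeader("Set-Cookie", …)`; the plain-string form `res.setHeader("Set-Cookie", "type=ninja")` and the `res.writeHead(200, { 'Set-Cookie': 'type=ninja' })` form are at least as common in Node code and are not exercised, so it is unclear whether the query recognises them as cookie sinks. A `test3` with `res.setHeader("Set-Cookie", "type=ninja"); // NOT OK` and a `test4` using `writeHead` would pin that down. The lowercase `secure` in `test2` is a useful check of case-insensitive attribute matching; marking it as intentional with `// OK: cookie attribute names are case-insensitive` would keep someone from "fixing" the casing later.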


@@ -0,0 +1,3 @@
const js_cookie = require('js-cookie')
js_cookie.set('key', 'value', { secure: false }); // NOT OK
js_cookie.set('key', 'value', { secure: true }); // OK
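Review bot: There is no case for calling `js_cookie.set` without an options object, `js_cookie.set('key', 'value'); // NOT OK`, which is the most common usage and the one where js-cookie leaves `secure` unset; the two cases here only cover an explicit literal flag. Separately, the result message recorded for this file in the expected output, "Cookie is added to response … (using js-cookie)", does not fit js-cookie, which writes `document.cookie` in the browser rather than a server response; that wording lives in the query, outside this commit, but the test expectation will need updating if it is changed.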


@@ -0,0 +1,33 @@
const express = require('express')
const app = express()
app.get('/a', function (req, res, next) {
res.cookie('name', 'value',
{
maxAge: 9000000000,
httpOnly: true,
secure: false // NOT OK
});
res.end('ok')
})
app.get('/b', function (req, res, next) {
let options = {
maxAge: 9000000000,
httpOnly: true,
secure: false // NOT OK
}
res.cookie('name', 'value', options);
res.end('ok')
})
app.get('/c', function (req, res, next) {
res.cookie('name', 'value',
{
maxAge: 9000000000,
httpOnly: true,
secure: true // OK
});
res.end('ok')
})
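Review bot: The fixture never calls `res.cookie` with no options at all, e.g. `res.cookie('name', 'value') // NOT OK`, which is the default case most Express applications hit; the three handlers only test an explicit `secure` literal, inline or via `options`. A case where the options are spread or merged, `res.cookie('name', 'value', { ...options, secure: true }) // OK`, would also show whether the query tracks the property through a spread rather than only through a direct object literal. The unused `req` and `next` parameters are harmless in a fixture, but `(req, res)` would match the http-server test in this same commit.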