Polish .ql

2025-12-21 11:16:30 +01:00 · 2021-10-28 09:25:47 +02:00
parent 0f2b81e0d2
commit 5dc1ad6f8a
2 changed files with 4 additions and 3 deletions
--- a/python/ql/src/experimental/Security/CWE-614/InsecureCookie.qhelp
+++ b/python/ql/src/experimental/Security/CWE-614/InsecureCookie.qhelp
@@ -23,4 +23,4 @@ secure flag and the second adds the secure flag in the cookie's raw value.</p>
 <li>PortSwigger: <a href="https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set">TLS cookie without secure flag set</a>.</li>
 </references>

-</qhelp>
+</qhelp>
--- a/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql
+++ b/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql
@@ -13,15 +13,16 @@
 import python
 import semmle.python.dataflow.new.DataFlow
 import experimental.semmle.python.Concepts
+import experimental.semmle.python.CookieHeader

 from Cookie cookie, string alert
 where
-  cookie.isSecure() and
+  not cookie.isSecure() and
  alert = "secure"
  or
  not cookie.isHttpOnly() and
  alert = "httponly"
  or
-  cookie.isSameSite() and
+  not cookie.isSameSite() and
  alert = "samesite"
 select cookie, "Cookie is added without the ", alert, " flag properly set."