hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Polish .ql

Browse Source
This commit is contained in:
jorgectf
2021-10-28 09:25:47 +02:00
parent 0f2b81e0d2
commit 5dc1ad6f8a
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/src/experimental/Security/CWE-614/InsecureCookie.qhelp
View File

@@ -23,4 +23,4 @@ secure flag and the second adds the secure flag in the cookie's raw value.</p>
<li>PortSwigger: <a href="https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set">TLS cookie without secure flag set</a>.</li> <li>PortSwigger: <a href="https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set">TLS cookie without secure flag set</a>.</li>
</references> </references>
</qhelp> </qhelp>

5
python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql
View File

@@ -13,15 +13,16 @@
import python import python
import semmle.python.dataflow.new.DataFlow import semmle.python.dataflow.new.DataFlow
import experimental.semmle.python.Concepts import experimental.semmle.python.Concepts
import experimental.semmle.python.CookieHeader
from Cookie cookie, string alert from Cookie cookie, string alert
where where
cookie.isSecure() and not cookie.isSecure() and
alert = "secure" alert = "secure"
or or
not cookie.isHttpOnly() and not cookie.isHttpOnly() and
alert = "httponly" alert = "httponly"
or or
cookie.isSameSite() and not cookie.isSameSite() and
alert = "samesite" alert = "samesite"
select cookie, "Cookie is added without the ", alert, " flag properly set." select cookie, "Cookie is added without the ", alert, " flag properly set."