mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
Merge pull request #20762 from joefarebrother/go-insecure-cookie
Go: Promote non-httponly cookie query, and add insecure cookie query
This commit is contained in:
Joe Farebrother
@@ -12,6 +12,7 @@ ql/go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql
|
||||
ql/go/ql/src/Security/CWE-079/ReflectedXss.ql
|
||||
ql/go/ql/src/Security/CWE-089/SqlInjection.ql
|
||||
ql/go/ql/src/Security/CWE-089/StringBreak.ql
|
||||
ql/go/ql/src/Security/CWE-1004/CookieWithoutHttpOnly.ql
|
||||
ql/go/ql/src/Security/CWE-190/AllocationSizeOverflow.ql
|
||||
ql/go/ql/src/Security/CWE-209/StackTraceExposure.ql
|
||||
ql/go/ql/src/Security/CWE-295/DisabledCertificateCheck.ql
|
||||
@@ -26,6 +27,7 @@ ql/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.ql
|
||||
ql/go/ql/src/Security/CWE-352/ConstantOauth2State.ql
|
||||
ql/go/ql/src/Security/CWE-601/BadRedirectCheck.ql
|
||||
ql/go/ql/src/Security/CWE-601/OpenUrlRedirect.ql
|
||||
ql/go/ql/src/Security/CWE-614/CookieWithoutSecure.ql
|
||||
ql/go/ql/src/Security/CWE-640/EmailInjection.ql
|
||||
ql/go/ql/src/Security/CWE-643/XPathInjection.ql
|
||||
ql/go/ql/src/Security/CWE-681/IncorrectIntegerConversionQuery.ql
|
||||
|
||||
@@ -34,6 +34,7 @@ ql/go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql
|
||||
ql/go/ql/src/Security/CWE-079/ReflectedXss.ql
|
||||
ql/go/ql/src/Security/CWE-089/SqlInjection.ql
|
||||
ql/go/ql/src/Security/CWE-089/StringBreak.ql
|
||||
ql/go/ql/src/Security/CWE-1004/CookieWithoutHttpOnly.ql
|
||||
ql/go/ql/src/Security/CWE-117/LogInjection.ql
|
||||
ql/go/ql/src/Security/CWE-190/AllocationSizeOverflow.ql
|
||||
ql/go/ql/src/Security/CWE-209/StackTraceExposure.ql
|
||||
@@ -49,6 +50,7 @@ ql/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.ql
|
||||
ql/go/ql/src/Security/CWE-352/ConstantOauth2State.ql
|
||||
ql/go/ql/src/Security/CWE-601/BadRedirectCheck.ql
|
||||
ql/go/ql/src/Security/CWE-601/OpenUrlRedirect.ql
|
||||
ql/go/ql/src/Security/CWE-614/CookieWithoutSecure.ql
|
||||
ql/go/ql/src/Security/CWE-640/EmailInjection.ql
|
||||
ql/go/ql/src/Security/CWE-643/XPathInjection.ql
|
||||
ql/go/ql/src/Security/CWE-681/IncorrectIntegerConversionQuery.ql
|
||||
|
||||
@@ -12,6 +12,7 @@ ql/go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql
|
||||
ql/go/ql/src/Security/CWE-079/ReflectedXss.ql
|
||||
ql/go/ql/src/Security/CWE-089/SqlInjection.ql
|
||||
ql/go/ql/src/Security/CWE-089/StringBreak.ql
|
||||
ql/go/ql/src/Security/CWE-1004/CookieWithoutHttpOnly.ql
|
||||
ql/go/ql/src/Security/CWE-117/LogInjection.ql
|
||||
ql/go/ql/src/Security/CWE-190/AllocationSizeOverflow.ql
|
||||
ql/go/ql/src/Security/CWE-209/StackTraceExposure.ql
|
||||
@@ -27,6 +28,7 @@ ql/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.ql
|
||||
ql/go/ql/src/Security/CWE-352/ConstantOauth2State.ql
|
||||
ql/go/ql/src/Security/CWE-601/BadRedirectCheck.ql
|
||||
ql/go/ql/src/Security/CWE-601/OpenUrlRedirect.ql
|
||||
ql/go/ql/src/Security/CWE-614/CookieWithoutSecure.ql
|
||||
ql/go/ql/src/Security/CWE-640/EmailInjection.ql
|
||||
ql/go/ql/src/Security/CWE-643/XPathInjection.ql
|
||||
ql/go/ql/src/Security/CWE-681/IncorrectIntegerConversionQuery.ql
|
||||
|
||||
@@ -9,7 +9,6 @@ ql/go/ql/src/Security/CWE-079/StoredXss.ql
|
||||
ql/go/ql/src/Security/CWE-798/HardcodedCredentials.ql
|
||||
ql/go/ql/src/definitions.ql
|
||||
ql/go/ql/src/experimental/CWE-090/LDAPInjection.ql
|
||||
ql/go/ql/src/experimental/CWE-1004/CookieWithoutHttpOnly.ql
|
||||
ql/go/ql/src/experimental/CWE-203/Timing.ql
|
||||
ql/go/ql/src/experimental/CWE-285/PamAuthBypass.ql
|
||||
ql/go/ql/src/experimental/CWE-287/ImproperLdapAuth.ql
|
||||
|
||||
@@ -41,6 +41,7 @@ import semmle.go.frameworks.ElazarlGoproxy
|
||||
import semmle.go.frameworks.Email
|
||||
import semmle.go.frameworks.Encoding
|
||||
import semmle.go.frameworks.Fasthttp
|
||||
import semmle.go.frameworks.Gin
|
||||
import semmle.go.frameworks.GinCors
|
||||
import semmle.go.frameworks.Glog
|
||||
import semmle.go.frameworks.GoJose
|
||||
|
||||
@@ -380,4 +380,96 @@ module Http {
|
||||
/** Gets a node that is used in a check that is tested before this handler is run. */
|
||||
predicate guardedBy(DataFlow::Node check) { super.guardedBy(check) }
|
||||
}
|
||||
|
||||
/** Provides a class for modeling new HTTP response cookie write APIs. */
|
||||
module CookieWrite {
|
||||
/**
|
||||
* A write of an HTTP Cookie to an HTTP response.
|
||||
*
|
||||
* Extend this class to model new APIs. If you want to refine existing API models,
|
||||
* extend `HTTP::CookieWrite` instead.
|
||||
*/
|
||||
abstract class Range extends DataFlow::Node {
|
||||
/** Gets the name of the cookie written. */
|
||||
abstract DataFlow::Node getName();
|
||||
|
||||
/** Gets the value of the cookie written. */
|
||||
abstract DataFlow::Node getValue();
|
||||
|
||||
/** Gets the `Secure` attribute of the cookie written. */
|
||||
abstract DataFlow::Node getSecure();
|
||||
|
||||
/** Gets the `HttpOnly` attribute of the cookie written. */
|
||||
abstract DataFlow::Node getHttpOnly();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A write of an HTTP Cookie to an HTTP response.
|
||||
*
|
||||
* Extend this class to refine existing API models. If you want to model new APIs,
|
||||
* extend `HTTP::CookieWrite::Range` instead.
|
||||
*/
|
||||
class CookieWrite extends DataFlow::Node instanceof CookieWrite::Range {
|
||||
/** Gets the name of the cookie written. */
|
||||
DataFlow::Node getName() { result = super.getName() }
|
||||
|
||||
/** Gets the value of the cookie written. */
|
||||
DataFlow::Node getValue() { result = super.getValue() }
|
||||
|
||||
/** Gets the `Secure` attribute of the cookie written. */
|
||||
DataFlow::Node getSecure() { result = super.getSecure() }
|
||||
|
||||
/** Gets the `HttpOnly` attribute of the cookie written. */
|
||||
DataFlow::Node getHttpOnly() { result = super.getHttpOnly() }
|
||||
}
|
||||
|
||||
/** Provides a class for modeling the new APIs for writes to options of an HTTP cookie. */
|
||||
module CookieOptionWrite {
|
||||
/**
|
||||
* A write to an option of an HTTP cookie object.
|
||||
*
|
||||
* Extend this class to model new APIs. If you want to refine existing API models,
|
||||
* extend `HTTP::CookieOptionWrite` instead.
|
||||
*/
|
||||
abstract class Range extends DataFlow::Node {
|
||||
/** Gets the node representing the cookie object for the options being set. */
|
||||
abstract DataFlow::Node getCookieOutput();
|
||||
|
||||
/** Gets the name of the cookie represented, if any. */
|
||||
abstract DataFlow::Node getName();
|
||||
|
||||
/** Gets the value of the cookie represented, if any. */
|
||||
abstract DataFlow::Node getValue();
|
||||
|
||||
/** Gets the `Secure` attribute of the cookie represented, if any. */
|
||||
abstract DataFlow::Node getSecure();
|
||||
|
||||
/** Gets the `HttpOnly` attribute of the cookie represented, if any. */
|
||||
abstract DataFlow::Node getHttpOnly();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A write to an option of an HTTP cookie object.
|
||||
*
|
||||
* Extend this class to refine existing API models. If you want to model new APIs,
|
||||
* extend `HTTP::CookieOptionWrite::Range` instead.
|
||||
*/
|
||||
class CookieOptionWrite extends DataFlow::Node instanceof CookieOptionWrite::Range {
|
||||
/** Gets the node representing the cookie object for the options being set. */
|
||||
DataFlow::Node getCookieOutput() { result = super.getCookieOutput() }
|
||||
|
||||
/** Gets the name of the cookie represented, if any. */
|
||||
DataFlow::Node getName() { result = super.getName() }
|
||||
|
||||
/** Gets the value of the cookie represented, if any. */
|
||||
DataFlow::Node getValue() { result = super.getValue() }
|
||||
|
||||
/** Gets the `Secure` attribute of the cookie represented, if any. */
|
||||
DataFlow::Node getSecure() { result = super.getSecure() }
|
||||
|
||||
/** Gets the `HttpOnly` attribute of the cookie represented, if any. */
|
||||
DataFlow::Node getHttpOnly() { result = super.getHttpOnly() }
|
||||
}
|
||||
}
|
||||
|
||||
24
go/ql/lib/semmle/go/frameworks/Gin.qll
Normal file
24
go/ql/lib/semmle/go/frameworks/Gin.qll
Normal file
@@ -0,0 +1,24 @@
|
||||
/**
|
||||
* Provides classes for modeling the `github.com/gin-gonic/gin` package.
|
||||
*/
|
||||
|
||||
import go
|
||||
import semmle.go.concepts.HTTP
|
||||
|
||||
/** Provides models for the `gin-gonic/gin` package. */
|
||||
module Gin {
|
||||
/** Gets the package name `github.com/gin-gonic/gin`. */
|
||||
string packagePath() { result = package("github.com/gin-gonic/gin", "") }
|
||||
|
||||
private class GinCookieWrite extends Http::CookieWrite::Range, DataFlow::MethodCallNode {
|
||||
GinCookieWrite() { this.getTarget().hasQualifiedName(packagePath(), "Context", "SetCookie") }
|
||||
|
||||
override DataFlow::Node getName() { result = this.getArgument(0) }
|
||||
|
||||
override DataFlow::Node getValue() { result = this.getArgument(1) }
|
||||
|
||||
override DataFlow::Node getSecure() { result = this.getArgument(5) }
|
||||
|
||||
override DataFlow::Node getHttpOnly() { result = this.getArgument(6) }
|
||||
}
|
||||
}
|
||||
@@ -293,4 +293,38 @@ module NetHttp {
|
||||
|
||||
override DataFlow::Node getAPathArgument() { result = this.getArgument(2) }
|
||||
}
|
||||
|
||||
private class CookieWrite extends Http::CookieWrite::Range, DataFlow::CallNode {
|
||||
CookieWrite() { this.getTarget().hasQualifiedName(package("net/http", ""), "SetCookie") }
|
||||
|
||||
override DataFlow::Node getName() { result = this.getArgument(1) }
|
||||
|
||||
override DataFlow::Node getValue() { result = this.getArgument(1) }
|
||||
|
||||
override DataFlow::Node getSecure() { result = this.getArgument(1) }
|
||||
|
||||
override DataFlow::Node getHttpOnly() { result = this.getArgument(1) }
|
||||
}
|
||||
|
||||
private class CookieFieldWrite extends Http::CookieOptionWrite::Range {
|
||||
DataFlow::Node written;
|
||||
string fieldName;
|
||||
|
||||
CookieFieldWrite() {
|
||||
exists(Write w, Field f |
|
||||
f.hasQualifiedName(package("net/http", ""), "Cookie", fieldName) and
|
||||
w.writesField(this, f, written)
|
||||
)
|
||||
}
|
||||
|
||||
override DataFlow::Node getCookieOutput() { result = this }
|
||||
|
||||
override DataFlow::Node getName() { fieldName = "Name" and result = written }
|
||||
|
||||
override DataFlow::Node getValue() { fieldName = "Value" and result = written }
|
||||
|
||||
override DataFlow::Node getSecure() { fieldName = "Secure" and result = written }
|
||||
|
||||
override DataFlow::Node getHttpOnly() { fieldName = "HttpOnly" and result = written }
|
||||
}
|
||||
}
|
||||
|
||||
77
go/ql/lib/semmle/go/security/CookieWithoutHttpOnly.qll
Normal file
77
go/ql/lib/semmle/go/security/CookieWithoutHttpOnly.qll
Normal file
@@ -0,0 +1,77 @@
|
||||
/** Provides classes and predicates for identifying HTTP cookies without the `HttpOnly` attribute. */
|
||||
|
||||
import go
|
||||
import semmle.go.concepts.HTTP
|
||||
import semmle.go.dataflow.DataFlow
|
||||
|
||||
private module SensitiveCookieNameConfig implements DataFlow::ConfigSig {
|
||||
/**
|
||||
* Holds if `source` is an expression with a name or literal value `val` indicating a sensitive cookie.
|
||||
*/
|
||||
additional predicate isSource(DataFlow::Node source, string val) {
|
||||
(
|
||||
val = source.asExpr().getStringValue() or
|
||||
val = source.asExpr().(Name).getTarget().getName()
|
||||
) and
|
||||
val.regexpMatch("(?i).*(session|login|token|user|auth|credential).*") and
|
||||
not val.regexpMatch("(?i).*(xsrf|csrf|forgery).*")
|
||||
}
|
||||
|
||||
predicate isSource(DataFlow::Node source) { isSource(source, _) }
|
||||
|
||||
additional predicate isSink(DataFlow::Node sink, Http::CookieWrite cw) { sink = cw.getName() }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { isSink(sink, _) }
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
exists(Http::CookieOptionWrite co | co.getName() = pred and co.getCookieOutput() = succ)
|
||||
}
|
||||
}
|
||||
|
||||
/** Tracks flow from sensitive names to HTTP cookie writes. */
|
||||
module SensitiveCookieNameFlow = TaintTracking::Global<SensitiveCookieNameConfig>;
|
||||
|
||||
private module BooleanCookieHttpOnlyConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source.getType().getUnderlyingType() instanceof BoolType
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { exists(Http::CookieWrite cw | sink = cw.getHttpOnly()) }
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
exists(Http::CookieOptionWrite co | co.getHttpOnly() = pred and co.getCookieOutput() = succ)
|
||||
}
|
||||
}
|
||||
|
||||
/** Tracks flow from boolean expressions to the `HttpOnly` attribute of HTTP cookie writes. */
|
||||
module BooleanCookieHttpOnlyFlow = TaintTracking::Global<BooleanCookieHttpOnlyConfig>;
|
||||
|
||||
/** Holds if `cw` has the `HttpOnly` attribute left at its default value of `false`. */
|
||||
predicate isNonHttpOnlyDefault(Http::CookieWrite cw) {
|
||||
not BooleanCookieHttpOnlyFlow::flowTo(cw.getHttpOnly())
|
||||
}
|
||||
|
||||
/** Holds if `cw` has the `HttpOnly` attribute explicitly set to `false`, from the expression `boolFalse`. */
|
||||
predicate isNonHttpOnlyDirect(Http::CookieWrite cw, Expr boolFalse) {
|
||||
BooleanCookieHttpOnlyFlow::flow(DataFlow::exprNode(boolFalse), cw.getHttpOnly()) and
|
||||
boolFalse.getBoolValue() = false
|
||||
}
|
||||
|
||||
/** Holds if `cw` has the `HttpOnly` attribute set to `false`, either explicitly or by default. */
|
||||
predicate isNonHttpOnlyCookie(Http::CookieWrite cw) {
|
||||
isNonHttpOnlyDefault(cw) or
|
||||
isNonHttpOnlyDirect(cw, _)
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if `cw` has the sensitive name `name`, from the expression `nameExpr`.
|
||||
* `source` and `sink` represent the data flow path from the sensitive name expression to the cookie write.
|
||||
*/
|
||||
predicate isSensitiveCookie(
|
||||
Http::CookieWrite cw, string name, SensitiveCookieNameFlow::PathNode source,
|
||||
SensitiveCookieNameFlow::PathNode sink
|
||||
) {
|
||||
SensitiveCookieNameFlow::flowPath(source, sink) and
|
||||
SensitiveCookieNameConfig::isSource(source.getNode(), name) and
|
||||
SensitiveCookieNameConfig::isSink(sink.getNode(), cw)
|
||||
}
|
||||
37
go/ql/lib/semmle/go/security/CookieWithoutSecure.qll
Normal file
37
go/ql/lib/semmle/go/security/CookieWithoutSecure.qll
Normal file
@@ -0,0 +1,37 @@
|
||||
/** Provides classes and predicates for identifying HTTP cookies without the `Secure` attribute. */
|
||||
|
||||
import go
|
||||
import semmle.go.concepts.HTTP
|
||||
import semmle.go.dataflow.DataFlow
|
||||
|
||||
private module BooleanCookieSecureConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source.getType().getUnderlyingType() instanceof BoolType
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { exists(Http::CookieWrite cw | sink = cw.getSecure()) }
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
exists(Http::CookieOptionWrite co | co.getSecure() = pred and co.getCookieOutput() = succ)
|
||||
}
|
||||
}
|
||||
|
||||
/** Tracks flow from boolean expressions to the `Secure` attribute of HTTP cookie writes. */
|
||||
module BooleanCookieSecureFlow = TaintTracking::Global<BooleanCookieSecureConfig>;
|
||||
|
||||
/** Holds if `cw` has the `Secure` attribute left at its default value of `false`. */
|
||||
predicate isInsecureDefault(Http::CookieWrite cw) {
|
||||
not BooleanCookieSecureFlow::flowTo(cw.getSecure())
|
||||
}
|
||||
|
||||
/** Holds if `cw` has the `Secure` attribute explicitly set to `false`, from the expression `boolFalse`. */
|
||||
predicate isInsecureDirect(Http::CookieWrite cw, Expr boolFalse) {
|
||||
BooleanCookieSecureFlow::flow(DataFlow::exprNode(boolFalse), cw.getSecure()) and
|
||||
boolFalse.getBoolValue() = false
|
||||
}
|
||||
|
||||
/** Holds if `cw` has the `Secure` attribute set to `false`, either explicitly or by default. */
|
||||
predicate isInsecureCookie(Http::CookieWrite cw) {
|
||||
isInsecureDefault(cw) or
|
||||
isInsecureDirect(cw, _)
|
||||
}
|
||||
34
go/ql/src/Security/CWE-1004/CookieWithoutHttpOnly.qhelp
Normal file
34
go/ql/src/Security/CWE-1004/CookieWithoutHttpOnly.qhelp
Normal file
@@ -0,0 +1,34 @@
|
||||
<!DOCTYPE qhelp PUBLIC
|
||||
"-//Semmle//qhelp//EN"
|
||||
"qhelp.dtd">
|
||||
<qhelp>
|
||||
|
||||
<overview>
|
||||
<p>Cookies without the <code>HttpOnly</code> flag set are accessible to client-side scripts such as JavaScript running in the same origin.
|
||||
In case of a Cross-Site Scripting (XSS) vulnerability, the cookie can be stolen by a malicious script.
|
||||
If a sensitive cookie does not need to be accessed directly by client-side JS, the <code>HttpOnly</code> flag should be set.</p>
|
||||
</overview>
|
||||
|
||||
<recommendation>
|
||||
<p>
|
||||
Set the <code>HttpOnly</code> flag to <code>true</code> for authentication cookies to ensure they are not accessible to client-side scripts.
|
||||
</p>
|
||||
</recommendation>
|
||||
|
||||
<example>
|
||||
<p>
|
||||
In the following example, in the case marked BAD, the <code>HttpOnly</code> flag is not set, so the default value of <code>false</code> is used.
|
||||
In the case marked GOOD, the <code>HttpOnly</code> flag is set to <code>true</code>.
|
||||
</p>
|
||||
<sample src="examples/CookieWithoutHttpOnly.go"/>
|
||||
|
||||
|
||||
</example>
|
||||
|
||||
<references>
|
||||
|
||||
<li>MDN: <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie">Set-Cookie</a> Header.</li>
|
||||
<li>PortSwigger: <a href="https://portswigger.net/kb/issues/00500600_cookie-without-httponly-flag-set">Cookie without HttpOnly flag set</a></li>
|
||||
|
||||
</references>
|
||||
</qhelp>
|
||||
25
go/ql/src/Security/CWE-1004/CookieWithoutHttpOnly.ql
Normal file
25
go/ql/src/Security/CWE-1004/CookieWithoutHttpOnly.ql
Normal file
@@ -0,0 +1,25 @@
|
||||
/**
|
||||
* @name Cookie 'HttpOnly' attribute is not set to true
|
||||
* @description Sensitive cookies without the `HttpOnly` property set are accessible by client-side scripts such as JavaScript.
|
||||
* This makes them more vulnerable to being stolen by an XSS attack.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @precision high
|
||||
* @security-severity 5.0
|
||||
* @id go/cookie-httponly-not-set
|
||||
* @tags security
|
||||
* external/cwe/cwe-1004
|
||||
*/
|
||||
|
||||
import go
|
||||
import semmle.go.security.CookieWithoutHttpOnly
|
||||
import SensitiveCookieNameFlow::PathGraph
|
||||
|
||||
from
|
||||
Http::CookieWrite cw, string name, SensitiveCookieNameFlow::PathNode source,
|
||||
SensitiveCookieNameFlow::PathNode sink
|
||||
where
|
||||
isSensitiveCookie(cw, name, source, sink) and
|
||||
isNonHttpOnlyCookie(cw)
|
||||
select cw, source, sink, "Sensitive cookie $@ does not set HttpOnly attribute to true.", source,
|
||||
name
|
||||
@@ -0,0 +1,22 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func handlerBad(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
http.SetCookie(w, &c) // BAD: The HttpOnly flag is set to false by default.
|
||||
}
|
||||
|
||||
func handlerGood(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
HttpOnly: true,
|
||||
}
|
||||
http.SetCookie(w, &c) // GOOD: The HttpOnly flag is set to true.
|
||||
}
|
||||
35
go/ql/src/Security/CWE-614/CookieWithoutSecure.qhelp
Normal file
35
go/ql/src/Security/CWE-614/CookieWithoutSecure.qhelp
Normal file
@@ -0,0 +1,35 @@
|
||||
<!DOCTYPE qhelp PUBLIC
|
||||
"-//Semmle//qhelp//EN"
|
||||
"qhelp.dtd">
|
||||
<qhelp>
|
||||
|
||||
<overview>
|
||||
<p>Cookies without the <code>Secure</code> flag set may be transmitted using HTTP instead of HTTPS.
|
||||
This leaves them vulnerable to being read by a third party attacker. If a sensitive cookie such as a session
|
||||
key is intercepted this way, it would allow the attacker to perform actions on a user's behalf.</p>
|
||||
</overview>
|
||||
|
||||
<recommendation>
|
||||
<p>
|
||||
Set the <code>Secure</code> flag to <code>true</code> to ensure cookies are only transmitted over secure HTTPS connections.
|
||||
</p>
|
||||
</recommendation>
|
||||
|
||||
<example>
|
||||
<p>
|
||||
In the following example, in the case marked BAD, the <code>Secure</code> flag is set to <code>false</code> by default.
|
||||
In the case marked GOOD, the <code>Secure</code> flag is set to <code>true</code>.
|
||||
</p>
|
||||
<sample src="examples/CookieWithoutSecure.go"/>
|
||||
|
||||
|
||||
</example>
|
||||
|
||||
<references>
|
||||
|
||||
<li>MDN: <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie">Set-Cookie</a> Header.</li>
|
||||
<li>Detectify: <a href="https://support.detectify.com/support/solutions/articles/48001048982-cookie-lack-secure-flag">Cookie lack Secure flag</a>.</li>
|
||||
<li>PortSwigger: <a href="https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set">TLS cookie without secure flag set</a>.</li>
|
||||
|
||||
</references>
|
||||
</qhelp>
|
||||
19
go/ql/src/Security/CWE-614/CookieWithoutSecure.ql
Normal file
19
go/ql/src/Security/CWE-614/CookieWithoutSecure.ql
Normal file
@@ -0,0 +1,19 @@
|
||||
/**
|
||||
* @name Cookie 'Secure' attribute is not set to true
|
||||
* @description Cookies without the `Secure` flag may be sent in cleartext.
|
||||
* This makes them vulnerable to be intercepted by an attacker.
|
||||
* @kind problem
|
||||
* @problem.severity warning
|
||||
* @precision high
|
||||
* @security-severity 4.0
|
||||
* @id go/cookie-secure-not-set
|
||||
* @tags security
|
||||
* external/cwe/cwe-614
|
||||
*/
|
||||
|
||||
import go
|
||||
import semmle.go.security.CookieWithoutSecure
|
||||
|
||||
from Http::CookieWrite cw
|
||||
where isInsecureCookie(cw)
|
||||
select cw, "Cookie does not set Secure attribute to true."
|
||||
22
go/ql/src/Security/CWE-614/examples/CookieWithoutSecure.go
Normal file
22
go/ql/src/Security/CWE-614/examples/CookieWithoutSecure.go
Normal file
@@ -0,0 +1,22 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func handlerBad(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
http.SetCookie(w, &c) // BAD: The Secure flag is set to false by default.
|
||||
}
|
||||
|
||||
func handlerGood(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
Secure: true,
|
||||
}
|
||||
http.SetCookie(w, &c) // GOOD: The Secure flag is set to true.
|
||||
}
|
||||
5
go/ql/src/change-notes/2025-11-10-insecure-cookie.md
Normal file
5
go/ql/src/change-notes/2025-11-10-insecure-cookie.md
Normal file
@@ -0,0 +1,5 @@
|
||||
---
|
||||
category: newQuery
|
||||
---
|
||||
* The `go/cookie-http-only-not-set` query has been promoted from the experimental query pack. This query was originally contributed to the experimental query pack by @edvraa.
|
||||
* A new query `go/cookie-secure-not-set` has been added to detect cookies without the `Secure` flag set.
|
||||
@@ -1,245 +0,0 @@
|
||||
import go
|
||||
|
||||
private class NetHttpCookieType extends Type {
|
||||
NetHttpCookieType() { this.hasQualifiedName(package("net/http", ""), "Cookie") }
|
||||
}
|
||||
|
||||
private class GinContextSetCookieMethod extends Method {
|
||||
GinContextSetCookieMethod() {
|
||||
this.hasQualifiedName(package("github.com/gin-gonic/gin", ""), "Context", "SetCookie")
|
||||
}
|
||||
}
|
||||
|
||||
private class GorillaSessionOptionsField extends Field {
|
||||
GorillaSessionOptionsField() {
|
||||
this.hasQualifiedName(package("github.com/gorilla/sessions", ""), "Session", "Options")
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A simplistic points-to alternative: given a struct creation and a field name, get the values that field can be assigned.
|
||||
*
|
||||
* Assumptions:
|
||||
* - we don't reassign the variable that the creation is stored in
|
||||
* - we always access the creation through the same variable it is initially assigned to
|
||||
*
|
||||
* This should cover most typical patterns...
|
||||
*/
|
||||
private DataFlow::Node getValueForFieldWrite(StructLit sl, string field) {
|
||||
exists(Write w, DataFlow::Node base, Field f |
|
||||
f.getName() = field and
|
||||
w.writesFieldPreUpdate(base, f, result) and
|
||||
(
|
||||
sl = base.asExpr()
|
||||
or
|
||||
base.asExpr() instanceof VariableName and
|
||||
base.getAPredecessor*().asExpr() = sl
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if the expression or its value has a sensitive name
|
||||
*/
|
||||
private predicate isAuthVariable(Expr expr) {
|
||||
exists(string val |
|
||||
(
|
||||
val = expr.getStringValue() or
|
||||
val = expr.(Name).getTarget().getName()
|
||||
) and
|
||||
val.regexpMatch("(?i).*(session|login|token|user|auth|credential).*") and
|
||||
not val.regexpMatch("(?i).*(xsrf|csrf|forgery).*")
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* A cookie passed as the second parameter to `net/http.SetCookie`.
|
||||
*/
|
||||
private class SetCookieSink extends DataFlow::Node {
|
||||
SetCookieSink() {
|
||||
exists(DataFlow::CallNode cn |
|
||||
cn.getTarget().hasQualifiedName(package("net/http", ""), "SetCookie") and
|
||||
this = cn.getArgument(1)
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
private module NameToNetHttpCookieTrackingConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { isAuthVariable(source.asExpr()) }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { sink instanceof SetCookieSink }
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
exists(StructLit sl |
|
||||
sl.getType() instanceof NetHttpCookieType and
|
||||
getValueForFieldWrite(sl, "Name") = pred and
|
||||
sl = succ.asExpr()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
/** Tracks taint flow from sensitive names to `net/http.SetCookie`. */
|
||||
module NameToNetHttpCookieTrackingFlow = TaintTracking::Global<NameToNetHttpCookieTrackingConfig>;
|
||||
|
||||
private module BoolToNetHttpCookieTrackingConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source.getType().getUnderlyingType() instanceof BoolType
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { sink instanceof SetCookieSink }
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
exists(StructLit sl |
|
||||
sl.getType() instanceof NetHttpCookieType and
|
||||
getValueForFieldWrite(sl, "HttpOnly") = pred and
|
||||
sl = succ.asExpr()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Tracks taint flow from a `bool` assigned to `HttpOnly` to
|
||||
* `net/http.SetCookie`.
|
||||
*/
|
||||
module BoolToNetHttpCookieTrackingFlow = TaintTracking::Global<BoolToNetHttpCookieTrackingConfig>;
|
||||
|
||||
private module BoolToGinSetCookieTrackingConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { source.getBoolValue() = false }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(DataFlow::MethodCallNode mcn |
|
||||
mcn.getTarget() instanceof GinContextSetCookieMethod and
|
||||
mcn.getArgument(6) = sink and
|
||||
exists(DataFlow::Node nameArg |
|
||||
NameToGinSetCookieTrackingFlow::flowTo(nameArg) and
|
||||
mcn.getArgument(0) = nameArg
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
predicate observeDiffInformedIncrementalMode() {
|
||||
any() // Merged with other flows in CookieWithoutHttpOnly.ql
|
||||
}
|
||||
|
||||
Location getASelectedSourceLocation(DataFlow::Node source) { none() }
|
||||
}
|
||||
|
||||
/**
|
||||
* Tracks data flow from `HttpOnly` set to `false` to
|
||||
* `gin-gonic/gin.Context.SetCookie`.
|
||||
*/
|
||||
module BoolToGinSetCookieTrackingFlow = DataFlow::Global<BoolToGinSetCookieTrackingConfig>;
|
||||
|
||||
private module NameToGinSetCookieTrackingConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) { isAuthVariable(source.asExpr()) }
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
exists(DataFlow::MethodCallNode mcn |
|
||||
mcn.getTarget() instanceof GinContextSetCookieMethod and
|
||||
mcn.getArgument(0) = sink
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Tracks taint flow from sensitive names to `gin-gonic/gin.Context.SetCookie`.
|
||||
*/
|
||||
private module NameToGinSetCookieTrackingFlow = DataFlow::Global<NameToGinSetCookieTrackingConfig>;
|
||||
|
||||
/**
|
||||
* The receiver of `gorilla/sessions.Session.Save` call.
|
||||
*/
|
||||
private class GorillaSessionSaveSink extends DataFlow::Node {
|
||||
GorillaSessionSaveSink() {
|
||||
exists(DataFlow::MethodCallNode mcn |
|
||||
this = mcn.getReceiver() and
|
||||
mcn.getTarget()
|
||||
.hasQualifiedName(package("github.com/gorilla/sessions", ""), "Session", "Save")
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
private class GorillaStoreSaveSink extends DataFlow::Node {
|
||||
GorillaStoreSaveSink() {
|
||||
exists(DataFlow::MethodCallNode mcn |
|
||||
this = mcn.getArgument(2) and
|
||||
mcn.getTarget()
|
||||
.hasQualifiedName(package("github.com/gorilla/sessions", ""), "CookieStore", "Save")
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
private module GorillaCookieStoreSaveTrackingConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source
|
||||
.(DataFlow::CallNode)
|
||||
.getTarget()
|
||||
.hasQualifiedName(package("github.com/gorilla/sessions", ""), "NewCookieStore")
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) {
|
||||
sink instanceof GorillaSessionSaveSink or
|
||||
sink instanceof GorillaStoreSaveSink
|
||||
}
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
exists(DataFlow::MethodCallNode cn |
|
||||
cn.getTarget()
|
||||
.hasQualifiedName(package("github.com/gorilla/sessions", ""), "CookieStore", "Get") and
|
||||
pred = cn.getReceiver() and
|
||||
succ = cn.getResult(0)
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Tracks data flow from gorilla cookie store creation to
|
||||
* `gorilla/sessions.Session.Save`.
|
||||
*/
|
||||
module GorillaCookieStoreSaveTrackingFlow = DataFlow::Global<GorillaCookieStoreSaveTrackingConfig>;
|
||||
|
||||
private module GorillaSessionOptionsTrackingConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
exists(StructLit sl |
|
||||
sl.getType().hasQualifiedName(package("github.com/gorilla/sessions", ""), "Options") and
|
||||
source.asExpr() = sl
|
||||
)
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { sink instanceof GorillaSessionSaveSink }
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
exists(GorillaSessionOptionsField f, DataFlow::Write w | w.writesField(succ, f, pred))
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Tracks taint flow from session options to
|
||||
* `gorilla/sessions.Session.Save`.
|
||||
*/
|
||||
module GorillaSessionOptionsTrackingFlow =
|
||||
TaintTracking::Global<GorillaSessionOptionsTrackingConfig>;
|
||||
|
||||
private module BoolToGorillaSessionOptionsTrackingConfig implements DataFlow::ConfigSig {
|
||||
predicate isSource(DataFlow::Node source) {
|
||||
source.getType().getUnderlyingType() instanceof BoolType
|
||||
}
|
||||
|
||||
predicate isSink(DataFlow::Node sink) { sink instanceof GorillaSessionSaveSink }
|
||||
|
||||
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
|
||||
exists(StructLit sl |
|
||||
getValueForFieldWrite(sl, "HttpOnly") = pred and
|
||||
sl = succ.asExpr()
|
||||
)
|
||||
or
|
||||
exists(GorillaSessionOptionsField f, DataFlow::Write w | w.writesField(succ, f, pred))
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Tracks taint flow from a `bool` assigned to `HttpOnly` to
|
||||
* `gorilla/sessions.Session.Save`.
|
||||
*/
|
||||
module BoolToGorillaSessionOptionsTrackingFlow =
|
||||
TaintTracking::Global<BoolToGorillaSessionOptionsTrackingConfig>;
|
||||
@@ -1,42 +0,0 @@
|
||||
<!DOCTYPE qhelp PUBLIC
|
||||
"-//Semmle//qhelp//EN"
|
||||
"qhelp.dtd">
|
||||
<qhelp>
|
||||
|
||||
<overview>
|
||||
<p>
|
||||
Cookies without <code>HttpOnly</code> attribute are accessible to JavaScript running in the same origin. In case of
|
||||
Cross-Site Scripting (XSS) vulnerability the cookie can be stolen by malicious script.
|
||||
</p>
|
||||
</overview>
|
||||
|
||||
<recommendation>
|
||||
<p>
|
||||
Protect sensitive cookies, such as related to authentication, by setting <code>HttpOnly</code> to <code>true</code> to make
|
||||
them not accessible to JavaScript.
|
||||
</p>
|
||||
</recommendation>
|
||||
|
||||
<example>
|
||||
|
||||
<p>
|
||||
In the following example the default <code>HttpOnly</code> value is <code>false</code>.
|
||||
</p>
|
||||
|
||||
<sample src="CookieWithoutHttpOnlyBad.go" />
|
||||
|
||||
<p>
|
||||
In the example below <code>HttpOnly</code> is set to <code>true</code>.
|
||||
</p>
|
||||
|
||||
<sample src="CookieWithoutHttpOnlyGood.go" />
|
||||
|
||||
</example>
|
||||
|
||||
<references>
|
||||
|
||||
<li><a href="https://golang.org/pkg/net/http/#Cookie">type Cookie,</a></li>
|
||||
<li><a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie">Set-Cookie</a> Header,</li>
|
||||
|
||||
</references>
|
||||
</qhelp>
|
||||
@@ -1,99 +0,0 @@
|
||||
/**
|
||||
* @name 'HttpOnly' attribute is not set to true
|
||||
* @description Omitting the 'HttpOnly' attribute for security sensitive data allows
|
||||
* malicious JavaScript to steal it in case of XSS vulnerability. Always set
|
||||
* 'HttpOnly' to 'true' to authentication related cookie to make it
|
||||
* not accessible by JavaScript.
|
||||
* @kind path-problem
|
||||
* @problem.severity warning
|
||||
* @precision high
|
||||
* @id go/cookie-httponly-not-set
|
||||
* @tags security
|
||||
* experimental
|
||||
* external/cwe/cwe-1004
|
||||
*/
|
||||
|
||||
import go
|
||||
import AuthCookie
|
||||
|
||||
module NetHttpCookieTrackingFlow =
|
||||
DataFlow::MergePathGraph<NameToNetHttpCookieTrackingFlow::PathNode,
|
||||
BoolToNetHttpCookieTrackingFlow::PathNode, NameToNetHttpCookieTrackingFlow::PathGraph,
|
||||
BoolToNetHttpCookieTrackingFlow::PathGraph>;
|
||||
|
||||
module GorillaTrackingFlow =
|
||||
DataFlow::MergePathGraph3<GorillaCookieStoreSaveTrackingFlow::PathNode,
|
||||
GorillaSessionOptionsTrackingFlow::PathNode, BoolToGorillaSessionOptionsTrackingFlow::PathNode,
|
||||
GorillaCookieStoreSaveTrackingFlow::PathGraph, GorillaSessionOptionsTrackingFlow::PathGraph,
|
||||
BoolToGorillaSessionOptionsTrackingFlow::PathGraph>;
|
||||
|
||||
module MergedFlow =
|
||||
DataFlow::MergePathGraph3<NetHttpCookieTrackingFlow::PathNode,
|
||||
BoolToGinSetCookieTrackingFlow::PathNode, GorillaTrackingFlow::PathNode,
|
||||
NetHttpCookieTrackingFlow::PathGraph, BoolToGinSetCookieTrackingFlow::PathGraph,
|
||||
GorillaTrackingFlow::PathGraph>;
|
||||
|
||||
import MergedFlow::PathGraph
|
||||
|
||||
/** Holds if `HttpOnly` of `net/http.SetCookie` is set to `false` or not set (default value is used). */
|
||||
predicate isNetHttpCookieFlow(
|
||||
NetHttpCookieTrackingFlow::PathNode source, NetHttpCookieTrackingFlow::PathNode sink
|
||||
) {
|
||||
exists(
|
||||
NameToNetHttpCookieTrackingFlow::PathNode sensitiveName,
|
||||
NameToNetHttpCookieTrackingFlow::PathNode setCookieSink
|
||||
|
|
||||
NameToNetHttpCookieTrackingFlow::flowPath(sensitiveName, setCookieSink) and
|
||||
(
|
||||
not BoolToNetHttpCookieTrackingFlow::flowTo(sink.getNode()) and
|
||||
source.asPathNode1() = sensitiveName and
|
||||
sink.asPathNode1() = setCookieSink
|
||||
or
|
||||
BoolToNetHttpCookieTrackingFlow::flowPath(source.asPathNode2(), sink.asPathNode2()) and
|
||||
source.getNode().getBoolValue() = false and
|
||||
setCookieSink.getNode() = sink.getNode()
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if there is gorilla cookie store creation to `Save` path and
|
||||
* `HttpOnly` is set to `false` or not set (default value is used).
|
||||
*/
|
||||
predicate isGorillaSessionsCookieFlow(
|
||||
GorillaTrackingFlow::PathNode source, GorillaTrackingFlow::PathNode sink
|
||||
) {
|
||||
exists(
|
||||
GorillaCookieStoreSaveTrackingFlow::PathNode cookieStoreCreate,
|
||||
GorillaCookieStoreSaveTrackingFlow::PathNode sessionSave
|
||||
|
|
||||
GorillaCookieStoreSaveTrackingFlow::flowPath(cookieStoreCreate, sessionSave) and
|
||||
(
|
||||
not GorillaSessionOptionsTrackingFlow::flowTo(sink.getNode()) and
|
||||
source.asPathNode1() = cookieStoreCreate and
|
||||
sink.asPathNode1() = sessionSave
|
||||
or
|
||||
exists(GorillaTrackingFlow::PathNode options, GorillaTrackingFlow::PathNode sessionSave2 |
|
||||
GorillaSessionOptionsTrackingFlow::flowPath(options.asPathNode2(),
|
||||
sessionSave2.asPathNode2()) and
|
||||
(
|
||||
not BoolToGorillaSessionOptionsTrackingFlow::flowTo(sink.getNode()) and
|
||||
sink = sessionSave2 and
|
||||
source = options and
|
||||
sessionSave.getNode() = sessionSave2.getNode()
|
||||
or
|
||||
BoolToGorillaSessionOptionsTrackingFlow::flowPath(source.asPathNode3(), sink.asPathNode3()) and
|
||||
source.getNode().getBoolValue() = false and
|
||||
sink.getNode() = sessionSave.getNode()
|
||||
)
|
||||
)
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
from MergedFlow::PathNode source, MergedFlow::PathNode sink
|
||||
where
|
||||
isNetHttpCookieFlow(source.asPathNode1(), sink.asPathNode1()) or
|
||||
BoolToGinSetCookieTrackingFlow::flowPath(source.asPathNode2(), sink.asPathNode2()) or
|
||||
isGorillaSessionsCookieFlow(source.asPathNode3(), sink.asPathNode3())
|
||||
select sink.getNode(), source, sink, "Cookie attribute 'HttpOnly' is not set to true."
|
||||
@@ -1,17 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func handler(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
http.SetCookie(w, &c)
|
||||
}
|
||||
|
||||
func main() {
|
||||
http.HandleFunc("/", handler)
|
||||
}
|
||||
@@ -1,18 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func handler(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
HttpOnly: true,
|
||||
}
|
||||
http.SetCookie(w, &c)
|
||||
}
|
||||
|
||||
func main() {
|
||||
http.HandleFunc("/", handler)
|
||||
}
|
||||
@@ -1,432 +0,0 @@
|
||||
edges
|
||||
| CookieWithoutHttpOnly.go:11:7:14:2 | struct literal | CookieWithoutHttpOnly.go:15:20:15:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:11:7:14:2 | struct literal | CookieWithoutHttpOnly.go:15:21:15:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:12:10:12:18 | "session" | CookieWithoutHttpOnly.go:11:7:14:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:15:20:15:21 | &... [pointer] | CookieWithoutHttpOnly.go:15:20:15:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:15:21:15:21 | c | CookieWithoutHttpOnly.go:15:20:15:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:15:21:15:21 | c | CookieWithoutHttpOnly.go:15:20:15:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:19:7:23:2 | struct literal | CookieWithoutHttpOnly.go:24:20:24:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:19:7:23:2 | struct literal | CookieWithoutHttpOnly.go:24:20:24:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:19:7:23:2 | struct literal | CookieWithoutHttpOnly.go:24:21:24:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:19:7:23:2 | struct literal | CookieWithoutHttpOnly.go:24:21:24:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:20:13:20:21 | "session" | CookieWithoutHttpOnly.go:19:7:23:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:22:13:22:17 | false | CookieWithoutHttpOnly.go:19:7:23:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:24:20:24:21 | &... [pointer] | CookieWithoutHttpOnly.go:24:20:24:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:24:20:24:21 | &... [pointer] | CookieWithoutHttpOnly.go:24:20:24:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:24:21:24:21 | c | CookieWithoutHttpOnly.go:24:20:24:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:24:21:24:21 | c | CookieWithoutHttpOnly.go:24:20:24:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:24:21:24:21 | c | CookieWithoutHttpOnly.go:24:20:24:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:24:21:24:21 | c | CookieWithoutHttpOnly.go:24:20:24:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:28:7:32:2 | struct literal | CookieWithoutHttpOnly.go:33:20:33:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:28:7:32:2 | struct literal | CookieWithoutHttpOnly.go:33:20:33:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:28:7:32:2 | struct literal | CookieWithoutHttpOnly.go:33:21:33:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:28:7:32:2 | struct literal | CookieWithoutHttpOnly.go:33:21:33:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:29:13:29:21 | "session" | CookieWithoutHttpOnly.go:28:7:32:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:31:13:31:16 | true | CookieWithoutHttpOnly.go:28:7:32:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:33:20:33:21 | &... [pointer] | CookieWithoutHttpOnly.go:33:20:33:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:33:20:33:21 | &... [pointer] | CookieWithoutHttpOnly.go:33:20:33:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:33:21:33:21 | c | CookieWithoutHttpOnly.go:33:20:33:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:33:21:33:21 | c | CookieWithoutHttpOnly.go:33:20:33:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:33:21:33:21 | c | CookieWithoutHttpOnly.go:33:20:33:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:33:21:33:21 | c | CookieWithoutHttpOnly.go:33:20:33:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:37:7:40:2 | struct literal | CookieWithoutHttpOnly.go:42:20:42:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:37:7:40:2 | struct literal | CookieWithoutHttpOnly.go:42:20:42:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:37:7:40:2 | struct literal | CookieWithoutHttpOnly.go:42:21:42:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:37:7:40:2 | struct literal | CookieWithoutHttpOnly.go:42:21:42:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:38:10:38:18 | "session" | CookieWithoutHttpOnly.go:37:7:40:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:41:15:41:18 | true | CookieWithoutHttpOnly.go:37:7:40:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:42:20:42:21 | &... [pointer] | CookieWithoutHttpOnly.go:42:20:42:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:42:20:42:21 | &... [pointer] | CookieWithoutHttpOnly.go:42:20:42:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:42:21:42:21 | c | CookieWithoutHttpOnly.go:42:20:42:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:42:21:42:21 | c | CookieWithoutHttpOnly.go:42:20:42:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:42:21:42:21 | c | CookieWithoutHttpOnly.go:42:20:42:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:42:21:42:21 | c | CookieWithoutHttpOnly.go:42:20:42:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:46:7:49:2 | struct literal | CookieWithoutHttpOnly.go:51:20:51:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:46:7:49:2 | struct literal | CookieWithoutHttpOnly.go:51:20:51:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:46:7:49:2 | struct literal | CookieWithoutHttpOnly.go:51:21:51:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:46:7:49:2 | struct literal | CookieWithoutHttpOnly.go:51:21:51:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:47:10:47:18 | "session" | CookieWithoutHttpOnly.go:46:7:49:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:50:15:50:19 | false | CookieWithoutHttpOnly.go:46:7:49:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:51:20:51:21 | &... [pointer] | CookieWithoutHttpOnly.go:51:20:51:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:51:20:51:21 | &... [pointer] | CookieWithoutHttpOnly.go:51:20:51:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:51:21:51:21 | c | CookieWithoutHttpOnly.go:51:20:51:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:51:21:51:21 | c | CookieWithoutHttpOnly.go:51:20:51:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:51:21:51:21 | c | CookieWithoutHttpOnly.go:51:20:51:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:51:21:51:21 | c | CookieWithoutHttpOnly.go:51:20:51:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:55:2:55:4 | definition of val | CookieWithoutHttpOnly.go:59:13:59:15 | val | provenance | |
|
||||
| CookieWithoutHttpOnly.go:55:9:55:13 | false | CookieWithoutHttpOnly.go:59:13:59:15 | val | provenance | |
|
||||
| CookieWithoutHttpOnly.go:56:7:60:2 | struct literal | CookieWithoutHttpOnly.go:61:20:61:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:56:7:60:2 | struct literal | CookieWithoutHttpOnly.go:61:20:61:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:56:7:60:2 | struct literal | CookieWithoutHttpOnly.go:61:21:61:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:56:7:60:2 | struct literal | CookieWithoutHttpOnly.go:61:21:61:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:57:13:57:21 | "session" | CookieWithoutHttpOnly.go:56:7:60:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:59:13:59:15 | val | CookieWithoutHttpOnly.go:56:7:60:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:61:20:61:21 | &... [pointer] | CookieWithoutHttpOnly.go:61:20:61:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:61:20:61:21 | &... [pointer] | CookieWithoutHttpOnly.go:61:20:61:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:61:21:61:21 | c | CookieWithoutHttpOnly.go:61:20:61:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:61:21:61:21 | c | CookieWithoutHttpOnly.go:61:20:61:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:61:21:61:21 | c | CookieWithoutHttpOnly.go:61:20:61:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:61:21:61:21 | c | CookieWithoutHttpOnly.go:61:20:61:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:65:2:65:4 | definition of val | CookieWithoutHttpOnly.go:69:13:69:15 | val | provenance | |
|
||||
| CookieWithoutHttpOnly.go:65:9:65:12 | true | CookieWithoutHttpOnly.go:69:13:69:15 | val | provenance | |
|
||||
| CookieWithoutHttpOnly.go:66:7:70:2 | struct literal | CookieWithoutHttpOnly.go:71:20:71:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:66:7:70:2 | struct literal | CookieWithoutHttpOnly.go:71:20:71:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:66:7:70:2 | struct literal | CookieWithoutHttpOnly.go:71:21:71:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:66:7:70:2 | struct literal | CookieWithoutHttpOnly.go:71:21:71:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:67:13:67:21 | "session" | CookieWithoutHttpOnly.go:66:7:70:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:69:13:69:15 | val | CookieWithoutHttpOnly.go:66:7:70:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:71:20:71:21 | &... [pointer] | CookieWithoutHttpOnly.go:71:20:71:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:71:20:71:21 | &... [pointer] | CookieWithoutHttpOnly.go:71:20:71:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:71:21:71:21 | c | CookieWithoutHttpOnly.go:71:20:71:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:71:21:71:21 | c | CookieWithoutHttpOnly.go:71:20:71:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:71:21:71:21 | c | CookieWithoutHttpOnly.go:71:20:71:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:71:21:71:21 | c | CookieWithoutHttpOnly.go:71:20:71:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:75:2:75:4 | definition of val | CookieWithoutHttpOnly.go:80:15:80:17 | val | provenance | |
|
||||
| CookieWithoutHttpOnly.go:75:9:75:12 | true | CookieWithoutHttpOnly.go:80:15:80:17 | val | provenance | |
|
||||
| CookieWithoutHttpOnly.go:76:7:79:2 | struct literal | CookieWithoutHttpOnly.go:81:20:81:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:76:7:79:2 | struct literal | CookieWithoutHttpOnly.go:81:20:81:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:76:7:79:2 | struct literal | CookieWithoutHttpOnly.go:81:21:81:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:76:7:79:2 | struct literal | CookieWithoutHttpOnly.go:81:21:81:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:77:10:77:18 | "session" | CookieWithoutHttpOnly.go:76:7:79:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:80:15:80:17 | val | CookieWithoutHttpOnly.go:76:7:79:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:81:20:81:21 | &... [pointer] | CookieWithoutHttpOnly.go:81:20:81:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:81:20:81:21 | &... [pointer] | CookieWithoutHttpOnly.go:81:20:81:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:81:21:81:21 | c | CookieWithoutHttpOnly.go:81:20:81:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:81:21:81:21 | c | CookieWithoutHttpOnly.go:81:20:81:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:81:21:81:21 | c | CookieWithoutHttpOnly.go:81:20:81:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:81:21:81:21 | c | CookieWithoutHttpOnly.go:81:20:81:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:85:2:85:4 | definition of val | CookieWithoutHttpOnly.go:90:15:90:17 | val | provenance | |
|
||||
| CookieWithoutHttpOnly.go:85:9:85:13 | false | CookieWithoutHttpOnly.go:90:15:90:17 | val | provenance | |
|
||||
| CookieWithoutHttpOnly.go:86:7:89:2 | struct literal | CookieWithoutHttpOnly.go:91:20:91:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:86:7:89:2 | struct literal | CookieWithoutHttpOnly.go:91:20:91:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:86:7:89:2 | struct literal | CookieWithoutHttpOnly.go:91:21:91:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:86:7:89:2 | struct literal | CookieWithoutHttpOnly.go:91:21:91:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:87:10:87:18 | "session" | CookieWithoutHttpOnly.go:86:7:89:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:90:15:90:17 | val | CookieWithoutHttpOnly.go:86:7:89:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:91:20:91:21 | &... [pointer] | CookieWithoutHttpOnly.go:91:20:91:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:91:20:91:21 | &... [pointer] | CookieWithoutHttpOnly.go:91:20:91:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:91:21:91:21 | c | CookieWithoutHttpOnly.go:91:20:91:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:91:21:91:21 | c | CookieWithoutHttpOnly.go:91:20:91:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:91:21:91:21 | c | CookieWithoutHttpOnly.go:91:20:91:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:91:21:91:21 | c | CookieWithoutHttpOnly.go:91:20:91:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:95:7:98:2 | struct literal | CookieWithoutHttpOnly.go:100:20:100:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:95:7:98:2 | struct literal | CookieWithoutHttpOnly.go:100:21:100:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:99:15:99:19 | false | CookieWithoutHttpOnly.go:95:7:98:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:100:20:100:21 | &... [pointer] | CookieWithoutHttpOnly.go:100:20:100:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:100:21:100:21 | c | CookieWithoutHttpOnly.go:100:20:100:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:100:21:100:21 | c | CookieWithoutHttpOnly.go:100:20:100:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:104:10:104:18 | "session" | CookieWithoutHttpOnly.go:106:10:106:13 | name | provenance | |
|
||||
| CookieWithoutHttpOnly.go:105:7:108:2 | struct literal | CookieWithoutHttpOnly.go:110:20:110:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:105:7:108:2 | struct literal | CookieWithoutHttpOnly.go:110:20:110:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:105:7:108:2 | struct literal | CookieWithoutHttpOnly.go:110:21:110:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:105:7:108:2 | struct literal | CookieWithoutHttpOnly.go:110:21:110:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:106:10:106:13 | name | CookieWithoutHttpOnly.go:105:7:108:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:109:15:109:19 | false | CookieWithoutHttpOnly.go:105:7:108:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:110:20:110:21 | &... [pointer] | CookieWithoutHttpOnly.go:110:20:110:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:110:20:110:21 | &... [pointer] | CookieWithoutHttpOnly.go:110:20:110:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:110:21:110:21 | c | CookieWithoutHttpOnly.go:110:20:110:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:110:21:110:21 | c | CookieWithoutHttpOnly.go:110:20:110:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:110:21:110:21 | c | CookieWithoutHttpOnly.go:110:20:110:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:110:21:110:21 | c | CookieWithoutHttpOnly.go:110:20:110:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:114:13:114:24 | "login_name" | CookieWithoutHttpOnly.go:116:10:116:16 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:115:7:118:2 | struct literal | CookieWithoutHttpOnly.go:120:20:120:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:115:7:118:2 | struct literal | CookieWithoutHttpOnly.go:120:20:120:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:115:7:118:2 | struct literal | CookieWithoutHttpOnly.go:120:21:120:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:115:7:118:2 | struct literal | CookieWithoutHttpOnly.go:120:21:120:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:116:10:116:16 | session | CookieWithoutHttpOnly.go:115:7:118:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:119:15:119:19 | false | CookieWithoutHttpOnly.go:115:7:118:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:120:20:120:21 | &... [pointer] | CookieWithoutHttpOnly.go:120:20:120:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:120:20:120:21 | &... [pointer] | CookieWithoutHttpOnly.go:120:20:120:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:120:21:120:21 | c | CookieWithoutHttpOnly.go:120:20:120:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:120:21:120:21 | c | CookieWithoutHttpOnly.go:120:20:120:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:120:21:120:21 | c | CookieWithoutHttpOnly.go:120:20:120:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:120:21:120:21 | c | CookieWithoutHttpOnly.go:120:20:120:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:126:16:126:20 | store | provenance | |
|
||||
| CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:134:16:134:20 | store | provenance | |
|
||||
| CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:146:16:146:20 | store | provenance | |
|
||||
| CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:158:16:158:20 | store | provenance | |
|
||||
| CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:170:16:170:20 | store | provenance | |
|
||||
| CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:183:16:183:20 | store | provenance | |
|
||||
| CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:195:16:195:20 | store | provenance | |
|
||||
| CookieWithoutHttpOnly.go:126:2:126:43 | ... := ...[0] | CookieWithoutHttpOnly.go:129:2:129:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:126:16:126:20 | store | CookieWithoutHttpOnly.go:126:2:126:43 | ... := ...[0] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:133:2:133:9 | definition of httpOnly | CookieWithoutHttpOnly.go:139:13:139:20 | httpOnly | provenance | |
|
||||
| CookieWithoutHttpOnly.go:133:14:133:18 | false | CookieWithoutHttpOnly.go:139:13:139:20 | httpOnly | provenance | |
|
||||
| CookieWithoutHttpOnly.go:134:2:134:43 | ... := ...[0] | CookieWithoutHttpOnly.go:142:2:142:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:134:16:134:20 | store | CookieWithoutHttpOnly.go:134:2:134:43 | ... := ...[0] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] | CookieWithoutHttpOnly.go:142:2:142:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] | CookieWithoutHttpOnly.go:142:2:142:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] [pointer] | CookieWithoutHttpOnly.go:142:2:142:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] [pointer] | CookieWithoutHttpOnly.go:142:2:142:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:137:20:140:2 | &... | CookieWithoutHttpOnly.go:137:2:137:8 | implicit dereference [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:137:20:140:2 | &... | CookieWithoutHttpOnly.go:137:2:137:8 | implicit dereference [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:137:20:140:2 | &... | CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:137:20:140:2 | &... | CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:137:21:140:2 | struct literal | CookieWithoutHttpOnly.go:137:20:140:2 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:137:21:140:2 | struct literal | CookieWithoutHttpOnly.go:137:20:140:2 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:139:13:139:20 | httpOnly | CookieWithoutHttpOnly.go:137:21:140:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:146:2:146:43 | ... := ...[0] | CookieWithoutHttpOnly.go:153:2:153:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:146:16:146:20 | store | CookieWithoutHttpOnly.go:146:2:146:43 | ... := ...[0] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:149:2:149:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:149:2:149:8 | session [postupdate] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:149:2:149:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:149:2:149:8 | session [postupdate] [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:149:2:149:8 | session [postupdate] | CookieWithoutHttpOnly.go:153:2:153:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:149:2:149:8 | session [postupdate] [pointer] | CookieWithoutHttpOnly.go:153:2:153:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:149:20:151:2 | &... | CookieWithoutHttpOnly.go:149:2:149:8 | implicit dereference [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:149:20:151:2 | &... | CookieWithoutHttpOnly.go:149:2:149:8 | session [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:149:21:151:2 | struct literal | CookieWithoutHttpOnly.go:149:20:151:2 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:157:2:157:9 | definition of httpOnly | CookieWithoutHttpOnly.go:163:13:163:20 | httpOnly | provenance | |
|
||||
| CookieWithoutHttpOnly.go:157:14:157:17 | true | CookieWithoutHttpOnly.go:163:13:163:20 | httpOnly | provenance | |
|
||||
| CookieWithoutHttpOnly.go:158:2:158:43 | ... := ...[0] | CookieWithoutHttpOnly.go:166:2:166:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:158:16:158:20 | store | CookieWithoutHttpOnly.go:158:2:158:43 | ... := ...[0] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] | CookieWithoutHttpOnly.go:166:2:166:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] | CookieWithoutHttpOnly.go:166:2:166:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] [pointer] | CookieWithoutHttpOnly.go:166:2:166:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] [pointer] | CookieWithoutHttpOnly.go:166:2:166:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:161:20:164:2 | &... | CookieWithoutHttpOnly.go:161:2:161:8 | implicit dereference [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:161:20:164:2 | &... | CookieWithoutHttpOnly.go:161:2:161:8 | implicit dereference [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:161:20:164:2 | &... | CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:161:20:164:2 | &... | CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:161:21:164:2 | struct literal | CookieWithoutHttpOnly.go:161:20:164:2 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:161:21:164:2 | struct literal | CookieWithoutHttpOnly.go:161:20:164:2 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:163:13:163:20 | httpOnly | CookieWithoutHttpOnly.go:161:21:164:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:169:56:169:63 | argument corresponding to httpOnly | CookieWithoutHttpOnly.go:175:13:175:20 | httpOnly | provenance | |
|
||||
| CookieWithoutHttpOnly.go:169:56:169:63 | definition of httpOnly | CookieWithoutHttpOnly.go:175:13:175:20 | httpOnly | provenance | |
|
||||
| CookieWithoutHttpOnly.go:170:2:170:43 | ... := ...[0] | CookieWithoutHttpOnly.go:178:2:178:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:170:16:170:20 | store | CookieWithoutHttpOnly.go:170:2:170:43 | ... := ...[0] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | implicit dereference [postupdate] | CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] | CookieWithoutHttpOnly.go:178:2:178:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] | CookieWithoutHttpOnly.go:178:2:178:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] [pointer] | CookieWithoutHttpOnly.go:178:2:178:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] [pointer] | CookieWithoutHttpOnly.go:178:2:178:8 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:173:20:176:2 | &... | CookieWithoutHttpOnly.go:173:2:173:8 | implicit dereference [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:173:20:176:2 | &... | CookieWithoutHttpOnly.go:173:2:173:8 | implicit dereference [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:173:20:176:2 | &... | CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:173:20:176:2 | &... | CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:173:21:176:2 | struct literal | CookieWithoutHttpOnly.go:173:20:176:2 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:173:21:176:2 | struct literal | CookieWithoutHttpOnly.go:173:20:176:2 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:175:13:175:20 | httpOnly | CookieWithoutHttpOnly.go:173:21:176:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:183:2:183:43 | ... := ...[0] | CookieWithoutHttpOnly.go:191:19:191:25 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:183:16:183:20 | store | CookieWithoutHttpOnly.go:183:2:183:43 | ... := ...[0] | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:195:2:195:43 | ... := ...[0] | CookieWithoutHttpOnly.go:202:19:202:25 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:195:16:195:20 | store | CookieWithoutHttpOnly.go:195:2:195:43 | ... := ...[0] | provenance | Config |
|
||||
nodes
|
||||
| CookieWithoutHttpOnly.go:11:7:14:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:12:10:12:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:15:20:15:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:15:20:15:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:15:21:15:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:19:7:23:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:19:7:23:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:20:13:20:21 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:22:13:22:17 | false | semmle.label | false |
|
||||
| CookieWithoutHttpOnly.go:24:20:24:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:24:20:24:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:24:20:24:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:24:20:24:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:24:21:24:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:24:21:24:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:28:7:32:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:28:7:32:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:29:13:29:21 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:31:13:31:16 | true | semmle.label | true |
|
||||
| CookieWithoutHttpOnly.go:33:20:33:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:33:20:33:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:33:20:33:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:33:20:33:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:33:21:33:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:33:21:33:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:37:7:40:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:37:7:40:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:38:10:38:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:41:15:41:18 | true | semmle.label | true |
|
||||
| CookieWithoutHttpOnly.go:42:20:42:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:42:20:42:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:42:20:42:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:42:20:42:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:42:21:42:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:42:21:42:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:46:7:49:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:46:7:49:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:47:10:47:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:50:15:50:19 | false | semmle.label | false |
|
||||
| CookieWithoutHttpOnly.go:51:20:51:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:51:20:51:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:51:20:51:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:51:20:51:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:51:21:51:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:51:21:51:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:55:2:55:4 | definition of val | semmle.label | definition of val |
|
||||
| CookieWithoutHttpOnly.go:55:9:55:13 | false | semmle.label | false |
|
||||
| CookieWithoutHttpOnly.go:56:7:60:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:56:7:60:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:57:13:57:21 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:59:13:59:15 | val | semmle.label | val |
|
||||
| CookieWithoutHttpOnly.go:61:20:61:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:61:20:61:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:61:20:61:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:61:20:61:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:61:21:61:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:61:21:61:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:65:2:65:4 | definition of val | semmle.label | definition of val |
|
||||
| CookieWithoutHttpOnly.go:65:9:65:12 | true | semmle.label | true |
|
||||
| CookieWithoutHttpOnly.go:66:7:70:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:66:7:70:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:67:13:67:21 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:69:13:69:15 | val | semmle.label | val |
|
||||
| CookieWithoutHttpOnly.go:71:20:71:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:71:20:71:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:71:20:71:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:71:20:71:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:71:21:71:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:71:21:71:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:75:2:75:4 | definition of val | semmle.label | definition of val |
|
||||
| CookieWithoutHttpOnly.go:75:9:75:12 | true | semmle.label | true |
|
||||
| CookieWithoutHttpOnly.go:76:7:79:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:76:7:79:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:77:10:77:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:80:15:80:17 | val | semmle.label | val |
|
||||
| CookieWithoutHttpOnly.go:81:20:81:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:81:20:81:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:81:20:81:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:81:20:81:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:81:21:81:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:81:21:81:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:85:2:85:4 | definition of val | semmle.label | definition of val |
|
||||
| CookieWithoutHttpOnly.go:85:9:85:13 | false | semmle.label | false |
|
||||
| CookieWithoutHttpOnly.go:86:7:89:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:86:7:89:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:87:10:87:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:90:15:90:17 | val | semmle.label | val |
|
||||
| CookieWithoutHttpOnly.go:91:20:91:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:91:20:91:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:91:20:91:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:91:20:91:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:91:21:91:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:91:21:91:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:95:7:98:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:99:15:99:19 | false | semmle.label | false |
|
||||
| CookieWithoutHttpOnly.go:100:20:100:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:100:20:100:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:100:21:100:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:104:10:104:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:105:7:108:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:105:7:108:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:106:10:106:13 | name | semmle.label | name |
|
||||
| CookieWithoutHttpOnly.go:109:15:109:19 | false | semmle.label | false |
|
||||
| CookieWithoutHttpOnly.go:110:20:110:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:110:20:110:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:110:20:110:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:110:20:110:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:110:21:110:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:110:21:110:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:114:13:114:24 | "login_name" | semmle.label | "login_name" |
|
||||
| CookieWithoutHttpOnly.go:115:7:118:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:115:7:118:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:116:10:116:16 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:119:15:119:19 | false | semmle.label | false |
|
||||
| CookieWithoutHttpOnly.go:120:20:120:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:120:20:120:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:120:20:120:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:120:20:120:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:120:21:120:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:120:21:120:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | semmle.label | call to NewCookieStore |
|
||||
| CookieWithoutHttpOnly.go:126:2:126:43 | ... := ...[0] | semmle.label | ... := ...[0] |
|
||||
| CookieWithoutHttpOnly.go:126:16:126:20 | store | semmle.label | store |
|
||||
| CookieWithoutHttpOnly.go:129:2:129:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:133:2:133:9 | definition of httpOnly | semmle.label | definition of httpOnly |
|
||||
| CookieWithoutHttpOnly.go:133:14:133:18 | false | semmle.label | false |
|
||||
| CookieWithoutHttpOnly.go:134:2:134:43 | ... := ...[0] | semmle.label | ... := ...[0] |
|
||||
| CookieWithoutHttpOnly.go:134:16:134:20 | store | semmle.label | store |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | implicit dereference [postupdate] | semmle.label | implicit dereference [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | implicit dereference [postupdate] | semmle.label | implicit dereference [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] | semmle.label | session [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] | semmle.label | session [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] [pointer] | semmle.label | session [postupdate] [pointer] |
|
||||
| CookieWithoutHttpOnly.go:137:2:137:8 | session [postupdate] [pointer] | semmle.label | session [postupdate] [pointer] |
|
||||
| CookieWithoutHttpOnly.go:137:20:140:2 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:137:20:140:2 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:137:21:140:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:137:21:140:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:139:13:139:20 | httpOnly | semmle.label | httpOnly |
|
||||
| CookieWithoutHttpOnly.go:142:2:142:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:142:2:142:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:142:2:142:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:146:2:146:43 | ... := ...[0] | semmle.label | ... := ...[0] |
|
||||
| CookieWithoutHttpOnly.go:146:16:146:20 | store | semmle.label | store |
|
||||
| CookieWithoutHttpOnly.go:149:2:149:8 | implicit dereference [postupdate] | semmle.label | implicit dereference [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:149:2:149:8 | session [postupdate] | semmle.label | session [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:149:2:149:8 | session [postupdate] [pointer] | semmle.label | session [postupdate] [pointer] |
|
||||
| CookieWithoutHttpOnly.go:149:20:151:2 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:149:21:151:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:153:2:153:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:153:2:153:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:157:2:157:9 | definition of httpOnly | semmle.label | definition of httpOnly |
|
||||
| CookieWithoutHttpOnly.go:157:14:157:17 | true | semmle.label | true |
|
||||
| CookieWithoutHttpOnly.go:158:2:158:43 | ... := ...[0] | semmle.label | ... := ...[0] |
|
||||
| CookieWithoutHttpOnly.go:158:16:158:20 | store | semmle.label | store |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | implicit dereference [postupdate] | semmle.label | implicit dereference [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | implicit dereference [postupdate] | semmle.label | implicit dereference [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] | semmle.label | session [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] | semmle.label | session [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] [pointer] | semmle.label | session [postupdate] [pointer] |
|
||||
| CookieWithoutHttpOnly.go:161:2:161:8 | session [postupdate] [pointer] | semmle.label | session [postupdate] [pointer] |
|
||||
| CookieWithoutHttpOnly.go:161:20:164:2 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:161:20:164:2 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:161:21:164:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:161:21:164:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:163:13:163:20 | httpOnly | semmle.label | httpOnly |
|
||||
| CookieWithoutHttpOnly.go:166:2:166:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:166:2:166:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:166:2:166:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:169:56:169:63 | argument corresponding to httpOnly | semmle.label | argument corresponding to httpOnly |
|
||||
| CookieWithoutHttpOnly.go:169:56:169:63 | definition of httpOnly | semmle.label | definition of httpOnly |
|
||||
| CookieWithoutHttpOnly.go:170:2:170:43 | ... := ...[0] | semmle.label | ... := ...[0] |
|
||||
| CookieWithoutHttpOnly.go:170:16:170:20 | store | semmle.label | store |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | implicit dereference [postupdate] | semmle.label | implicit dereference [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | implicit dereference [postupdate] | semmle.label | implicit dereference [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] | semmle.label | session [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] | semmle.label | session [postupdate] |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] [pointer] | semmle.label | session [postupdate] [pointer] |
|
||||
| CookieWithoutHttpOnly.go:173:2:173:8 | session [postupdate] [pointer] | semmle.label | session [postupdate] [pointer] |
|
||||
| CookieWithoutHttpOnly.go:173:20:176:2 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:173:20:176:2 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:173:21:176:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:173:21:176:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:175:13:175:20 | httpOnly | semmle.label | httpOnly |
|
||||
| CookieWithoutHttpOnly.go:178:2:178:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:178:2:178:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:178:2:178:8 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:183:2:183:43 | ... := ...[0] | semmle.label | ... := ...[0] |
|
||||
| CookieWithoutHttpOnly.go:183:16:183:20 | store | semmle.label | store |
|
||||
| CookieWithoutHttpOnly.go:191:19:191:25 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:195:2:195:43 | ... := ...[0] | semmle.label | ... := ...[0] |
|
||||
| CookieWithoutHttpOnly.go:195:16:195:20 | store | semmle.label | store |
|
||||
| CookieWithoutHttpOnly.go:202:19:202:25 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:214:66:214:70 | false | semmle.label | false |
|
||||
subpaths
|
||||
#select
|
||||
| CookieWithoutHttpOnly.go:15:20:15:21 | &... | CookieWithoutHttpOnly.go:12:10:12:18 | "session" | CookieWithoutHttpOnly.go:15:20:15:21 | &... | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:24:20:24:21 | &... | CookieWithoutHttpOnly.go:22:13:22:17 | false | CookieWithoutHttpOnly.go:24:20:24:21 | &... | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:51:20:51:21 | &... | CookieWithoutHttpOnly.go:50:15:50:19 | false | CookieWithoutHttpOnly.go:51:20:51:21 | &... | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:61:20:61:21 | &... | CookieWithoutHttpOnly.go:55:9:55:13 | false | CookieWithoutHttpOnly.go:61:20:61:21 | &... | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:91:20:91:21 | &... | CookieWithoutHttpOnly.go:85:9:85:13 | false | CookieWithoutHttpOnly.go:91:20:91:21 | &... | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:110:20:110:21 | &... | CookieWithoutHttpOnly.go:109:15:109:19 | false | CookieWithoutHttpOnly.go:110:20:110:21 | &... | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:120:20:120:21 | &... | CookieWithoutHttpOnly.go:119:15:119:19 | false | CookieWithoutHttpOnly.go:120:20:120:21 | &... | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:129:2:129:8 | session | CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:129:2:129:8 | session | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:142:2:142:8 | session | CookieWithoutHttpOnly.go:133:14:133:18 | false | CookieWithoutHttpOnly.go:142:2:142:8 | session | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:153:2:153:8 | session | CookieWithoutHttpOnly.go:149:21:151:2 | struct literal | CookieWithoutHttpOnly.go:153:2:153:8 | session | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:191:19:191:25 | session | CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:191:19:191:25 | session | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:202:19:202:25 | session | CookieWithoutHttpOnly.go:123:13:123:49 | call to NewCookieStore | CookieWithoutHttpOnly.go:202:19:202:25 | session | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
| CookieWithoutHttpOnly.go:214:66:214:70 | false | CookieWithoutHttpOnly.go:214:66:214:70 | false | CookieWithoutHttpOnly.go:214:66:214:70 | false | Cookie attribute 'HttpOnly' is not set to true. |
|
||||
@@ -1,219 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/gorilla/sessions"
|
||||
)
|
||||
|
||||
func handler1(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
http.SetCookie(w, &c) // BAD: HttpOnly set to false by default
|
||||
}
|
||||
|
||||
func handler2(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
HttpOnly: false,
|
||||
}
|
||||
http.SetCookie(w, &c) // BAD: HttpOnly explicitly set to false
|
||||
}
|
||||
|
||||
func handler3(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
HttpOnly: true,
|
||||
}
|
||||
http.SetCookie(w, &c) // GOOD: HttpOnly explicitly set to true
|
||||
}
|
||||
|
||||
func handler4(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = true
|
||||
http.SetCookie(w, &c) // GOOD: HttpOnly explicitly set to true
|
||||
}
|
||||
|
||||
func handler5(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = false
|
||||
http.SetCookie(w, &c) // BAD: HttpOnly explicitly set to false
|
||||
}
|
||||
|
||||
func handler6(w http.ResponseWriter, r *http.Request) {
|
||||
val := false
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
HttpOnly: val,
|
||||
}
|
||||
http.SetCookie(w, &c) // BAD: HttpOnly explicitly set to false
|
||||
}
|
||||
|
||||
func handler7(w http.ResponseWriter, r *http.Request) {
|
||||
val := true
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
HttpOnly: val,
|
||||
}
|
||||
http.SetCookie(w, &c) // GOOD: HttpOnly explicitly set to true
|
||||
}
|
||||
|
||||
func handler8(w http.ResponseWriter, r *http.Request) {
|
||||
val := true
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = val
|
||||
http.SetCookie(w, &c) // GOOD: HttpOnly explicitly set to true
|
||||
}
|
||||
|
||||
func handler9(w http.ResponseWriter, r *http.Request) {
|
||||
val := false
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = val
|
||||
http.SetCookie(w, &c) // BAD: HttpOnly explicitly set to false
|
||||
}
|
||||
|
||||
func handler10(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "consent",
|
||||
Value: "1",
|
||||
}
|
||||
c.HttpOnly = false
|
||||
http.SetCookie(w, &c) // GOOD: Name is not auth related
|
||||
}
|
||||
|
||||
func handler11(w http.ResponseWriter, r *http.Request) {
|
||||
name := "session"
|
||||
c := http.Cookie{
|
||||
Name: name,
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = false
|
||||
http.SetCookie(w, &c) // BAD: auth related name
|
||||
}
|
||||
|
||||
func handler12(w http.ResponseWriter, r *http.Request) {
|
||||
session := "login_name"
|
||||
c := http.Cookie{
|
||||
Name: session,
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = false
|
||||
http.SetCookie(w, &c) // BAD: auth related name
|
||||
}
|
||||
|
||||
var store = sessions.NewCookieStore([]byte("aa"))
|
||||
|
||||
func handler13(w http.ResponseWriter, r *http.Request) {
|
||||
session, _ := store.Get(r, "session-name")
|
||||
session.Values["foo"] = "secret"
|
||||
|
||||
session.Save(r, w) // BAD: Default options are set (false)
|
||||
}
|
||||
|
||||
func handler14(w http.ResponseWriter, r *http.Request) {
|
||||
httpOnly := false
|
||||
session, _ := store.Get(r, "session-name")
|
||||
session.Values["foo"] = "secret"
|
||||
|
||||
session.Options = &sessions.Options{
|
||||
MaxAge: -1,
|
||||
HttpOnly: httpOnly,
|
||||
}
|
||||
|
||||
session.Save(r, w) // BAD: Explicitly set to false
|
||||
}
|
||||
|
||||
func handler15(w http.ResponseWriter, r *http.Request) {
|
||||
session, _ := store.Get(r, "session-name")
|
||||
session.Values["foo"] = "secret"
|
||||
|
||||
session.Options = &sessions.Options{
|
||||
MaxAge: -1,
|
||||
}
|
||||
|
||||
session.Save(r, w) // BAD: default (false) is used
|
||||
}
|
||||
|
||||
func handler16(w http.ResponseWriter, r *http.Request) {
|
||||
httpOnly := true
|
||||
session, _ := store.Get(r, "session-name")
|
||||
session.Values["foo"] = "secret"
|
||||
|
||||
session.Options = &sessions.Options{
|
||||
MaxAge: -1,
|
||||
HttpOnly: httpOnly,
|
||||
}
|
||||
|
||||
session.Save(r, w) // GOOD: value is true
|
||||
}
|
||||
|
||||
func handler17(w http.ResponseWriter, r *http.Request, httpOnly bool) {
|
||||
session, _ := store.Get(r, "session-name")
|
||||
session.Values["foo"] = "secret"
|
||||
|
||||
session.Options = &sessions.Options{
|
||||
MaxAge: -1,
|
||||
HttpOnly: httpOnly,
|
||||
}
|
||||
|
||||
session.Save(r, w) // GOOD: value is unknown
|
||||
}
|
||||
|
||||
func handler18(w http.ResponseWriter, r *http.Request) {
|
||||
httpOnly := false
|
||||
session, _ := store.Get(r, "session-name")
|
||||
session.Values["foo"] = "secret"
|
||||
|
||||
session.Options = &sessions.Options{
|
||||
MaxAge: -1,
|
||||
HttpOnly: httpOnly,
|
||||
}
|
||||
|
||||
store.Save(r, w, session) // BAD: Explicitly set to false
|
||||
}
|
||||
|
||||
func handler19(w http.ResponseWriter, r *http.Request) {
|
||||
session, _ := store.Get(r, "session-name")
|
||||
session.Values["foo"] = "secret"
|
||||
|
||||
session.Options = &sessions.Options{
|
||||
MaxAge: -1,
|
||||
}
|
||||
|
||||
store.Save(r, w, session) // BAD: default (false) is used
|
||||
}
|
||||
|
||||
func main() {
|
||||
|
||||
router := gin.Default()
|
||||
|
||||
router.GET("/cookie", func(c *gin.Context) {
|
||||
|
||||
_, err := c.Cookie("session")
|
||||
|
||||
if err != nil {
|
||||
c.SetCookie("session", "test", 3600, "/", "localhost", false, false) // BAD: httpOnly set to false
|
||||
}
|
||||
})
|
||||
|
||||
router.Run()
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
experimental/CWE-1004/CookieWithoutHttpOnly.ql
|
||||
75
go/ql/test/experimental/CWE-1004/vendor/github.com/gorilla/sessions/stub.go
generated
vendored
75
go/ql/test/experimental/CWE-1004/vendor/github.com/gorilla/sessions/stub.go
generated
vendored
@@ -1,75 +0,0 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/gorilla/sessions, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/gorilla/sessions (exports: CookieStore; functions: NewCookieStore)
|
||||
|
||||
// Package sessions is a stub of github.com/gorilla/sessions, generated by depstubber.
|
||||
package sessions
|
||||
|
||||
import (
|
||||
http "net/http"
|
||||
)
|
||||
|
||||
type CookieStore struct {
|
||||
Codecs []interface{}
|
||||
Options *Options
|
||||
}
|
||||
|
||||
func (_ *CookieStore) Get(_ *http.Request, _ string) (*Session, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *CookieStore) MaxAge(_ int) {}
|
||||
|
||||
func (_ *CookieStore) New(_ *http.Request, _ string) (*Session, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *CookieStore) Save(_ *http.Request, _ http.ResponseWriter, _ *Session) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func NewCookieStore(_ ...[]byte) *CookieStore {
|
||||
return nil
|
||||
}
|
||||
|
||||
type Options struct {
|
||||
Path string
|
||||
Domain string
|
||||
MaxAge int
|
||||
Secure bool
|
||||
HttpOnly bool
|
||||
SameSite http.SameSite
|
||||
}
|
||||
|
||||
type Session struct {
|
||||
ID string
|
||||
Values map[interface{}]interface{}
|
||||
Options *Options
|
||||
IsNew bool
|
||||
}
|
||||
|
||||
func (_ *Session) AddFlash(_ interface{}, _ ...string) {}
|
||||
|
||||
func (_ *Session) Flashes(_ ...string) []interface{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Session) Name() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Session) Save(_ *http.Request, _ http.ResponseWriter) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Session) Store() Store {
|
||||
return nil
|
||||
}
|
||||
|
||||
type Store interface {
|
||||
Get(_ *http.Request, _ string) (*Session, error)
|
||||
New(_ *http.Request, _ string) (*Session, error)
|
||||
Save(_ *http.Request, _ http.ResponseWriter, _ *Session) error
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
# github.com/gin-gonic/gin v1.7.1
|
||||
## explicit
|
||||
github.com/gin-gonic/gin
|
||||
# github.com/gorilla/sessions v1.2.1
|
||||
## explicit
|
||||
github.com/gorilla/sessions
|
||||
@@ -0,0 +1,139 @@
|
||||
#select
|
||||
| CookieWithoutHttpOnly.go:14:2:14:22 | call to SetCookie | CookieWithoutHttpOnly.go:11:10:11:18 | "session" | CookieWithoutHttpOnly.go:14:20:14:21 | &... | Sensitive cookie $@ does not set HttpOnly attribute to true. | CookieWithoutHttpOnly.go:11:10:11:18 | "session" | session |
|
||||
| CookieWithoutHttpOnly.go:23:2:23:22 | call to SetCookie | CookieWithoutHttpOnly.go:19:13:19:21 | "session" | CookieWithoutHttpOnly.go:23:20:23:21 | &... | Sensitive cookie $@ does not set HttpOnly attribute to true. | CookieWithoutHttpOnly.go:19:13:19:21 | "session" | session |
|
||||
| CookieWithoutHttpOnly.go:50:2:50:22 | call to SetCookie | CookieWithoutHttpOnly.go:46:10:46:18 | "session" | CookieWithoutHttpOnly.go:50:20:50:21 | &... | Sensitive cookie $@ does not set HttpOnly attribute to true. | CookieWithoutHttpOnly.go:46:10:46:18 | "session" | session |
|
||||
| CookieWithoutHttpOnly.go:60:2:60:22 | call to SetCookie | CookieWithoutHttpOnly.go:56:13:56:21 | "session" | CookieWithoutHttpOnly.go:60:20:60:21 | &... | Sensitive cookie $@ does not set HttpOnly attribute to true. | CookieWithoutHttpOnly.go:56:13:56:21 | "session" | session |
|
||||
| CookieWithoutHttpOnly.go:90:2:90:22 | call to SetCookie | CookieWithoutHttpOnly.go:86:10:86:18 | "session" | CookieWithoutHttpOnly.go:90:20:90:21 | &... | Sensitive cookie $@ does not set HttpOnly attribute to true. | CookieWithoutHttpOnly.go:86:10:86:18 | "session" | session |
|
||||
| CookieWithoutHttpOnly.go:109:2:109:22 | call to SetCookie | CookieWithoutHttpOnly.go:103:10:103:18 | "session" | CookieWithoutHttpOnly.go:109:20:109:21 | &... | Sensitive cookie $@ does not set HttpOnly attribute to true. | CookieWithoutHttpOnly.go:103:10:103:18 | "session" | session |
|
||||
| CookieWithoutHttpOnly.go:119:2:119:22 | call to SetCookie | CookieWithoutHttpOnly.go:113:13:113:24 | "login_name" | CookieWithoutHttpOnly.go:119:20:119:21 | &... | Sensitive cookie $@ does not set HttpOnly attribute to true. | CookieWithoutHttpOnly.go:113:13:113:24 | "login_name" | login_name |
|
||||
| CookieWithoutHttpOnly.go:119:2:119:22 | call to SetCookie | CookieWithoutHttpOnly.go:115:10:115:16 | session | CookieWithoutHttpOnly.go:119:20:119:21 | &... | Sensitive cookie $@ does not set HttpOnly attribute to true. | CookieWithoutHttpOnly.go:115:10:115:16 | session | session |
|
||||
| CookieWithoutHttpOnly.go:131:4:131:71 | call to SetCookie | CookieWithoutHttpOnly.go:131:16:131:24 | "session" | CookieWithoutHttpOnly.go:131:16:131:24 | "session" | Sensitive cookie $@ does not set HttpOnly attribute to true. | CookieWithoutHttpOnly.go:131:16:131:24 | "session" | session |
|
||||
edges
|
||||
| CookieWithoutHttpOnly.go:10:7:13:2 | struct literal | CookieWithoutHttpOnly.go:14:20:14:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:10:7:13:2 | struct literal | CookieWithoutHttpOnly.go:14:21:14:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:11:10:11:18 | "session" | CookieWithoutHttpOnly.go:10:7:13:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:14:20:14:21 | &... [pointer] | CookieWithoutHttpOnly.go:14:20:14:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:14:21:14:21 | c | CookieWithoutHttpOnly.go:14:20:14:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:14:21:14:21 | c | CookieWithoutHttpOnly.go:14:20:14:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:18:7:22:2 | struct literal | CookieWithoutHttpOnly.go:23:20:23:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:18:7:22:2 | struct literal | CookieWithoutHttpOnly.go:23:21:23:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:19:13:19:21 | "session" | CookieWithoutHttpOnly.go:18:7:22:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:23:20:23:21 | &... [pointer] | CookieWithoutHttpOnly.go:23:20:23:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:23:21:23:21 | c | CookieWithoutHttpOnly.go:23:20:23:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:23:21:23:21 | c | CookieWithoutHttpOnly.go:23:20:23:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:27:7:31:2 | struct literal | CookieWithoutHttpOnly.go:32:20:32:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:27:7:31:2 | struct literal | CookieWithoutHttpOnly.go:32:21:32:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:28:13:28:21 | "session" | CookieWithoutHttpOnly.go:27:7:31:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:32:20:32:21 | &... [pointer] | CookieWithoutHttpOnly.go:32:20:32:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:32:21:32:21 | c | CookieWithoutHttpOnly.go:32:20:32:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:32:21:32:21 | c | CookieWithoutHttpOnly.go:32:20:32:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:36:7:39:2 | struct literal | CookieWithoutHttpOnly.go:41:20:41:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:36:7:39:2 | struct literal | CookieWithoutHttpOnly.go:41:21:41:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:37:10:37:18 | "session" | CookieWithoutHttpOnly.go:36:7:39:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:41:20:41:21 | &... [pointer] | CookieWithoutHttpOnly.go:41:20:41:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:41:21:41:21 | c | CookieWithoutHttpOnly.go:41:20:41:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:41:21:41:21 | c | CookieWithoutHttpOnly.go:41:20:41:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:45:7:48:2 | struct literal | CookieWithoutHttpOnly.go:50:20:50:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:45:7:48:2 | struct literal | CookieWithoutHttpOnly.go:50:21:50:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:46:10:46:18 | "session" | CookieWithoutHttpOnly.go:45:7:48:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:50:20:50:21 | &... [pointer] | CookieWithoutHttpOnly.go:50:20:50:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:50:21:50:21 | c | CookieWithoutHttpOnly.go:50:20:50:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:50:21:50:21 | c | CookieWithoutHttpOnly.go:50:20:50:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:55:7:59:2 | struct literal | CookieWithoutHttpOnly.go:60:20:60:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:55:7:59:2 | struct literal | CookieWithoutHttpOnly.go:60:21:60:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:56:13:56:21 | "session" | CookieWithoutHttpOnly.go:55:7:59:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:60:20:60:21 | &... [pointer] | CookieWithoutHttpOnly.go:60:20:60:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:60:21:60:21 | c | CookieWithoutHttpOnly.go:60:20:60:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:60:21:60:21 | c | CookieWithoutHttpOnly.go:60:20:60:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:65:7:69:2 | struct literal | CookieWithoutHttpOnly.go:70:20:70:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:65:7:69:2 | struct literal | CookieWithoutHttpOnly.go:70:21:70:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:66:13:66:21 | "session" | CookieWithoutHttpOnly.go:65:7:69:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:70:20:70:21 | &... [pointer] | CookieWithoutHttpOnly.go:70:20:70:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:70:21:70:21 | c | CookieWithoutHttpOnly.go:70:20:70:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:70:21:70:21 | c | CookieWithoutHttpOnly.go:70:20:70:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:75:7:78:2 | struct literal | CookieWithoutHttpOnly.go:80:20:80:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:75:7:78:2 | struct literal | CookieWithoutHttpOnly.go:80:21:80:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:76:10:76:18 | "session" | CookieWithoutHttpOnly.go:75:7:78:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:80:20:80:21 | &... [pointer] | CookieWithoutHttpOnly.go:80:20:80:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:80:21:80:21 | c | CookieWithoutHttpOnly.go:80:20:80:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:80:21:80:21 | c | CookieWithoutHttpOnly.go:80:20:80:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:85:7:88:2 | struct literal | CookieWithoutHttpOnly.go:90:20:90:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:85:7:88:2 | struct literal | CookieWithoutHttpOnly.go:90:21:90:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:86:10:86:18 | "session" | CookieWithoutHttpOnly.go:85:7:88:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:90:20:90:21 | &... [pointer] | CookieWithoutHttpOnly.go:90:20:90:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:90:21:90:21 | c | CookieWithoutHttpOnly.go:90:20:90:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:90:21:90:21 | c | CookieWithoutHttpOnly.go:90:20:90:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:103:10:103:18 | "session" | CookieWithoutHttpOnly.go:105:10:105:13 | name | provenance | |
|
||||
| CookieWithoutHttpOnly.go:104:7:107:2 | struct literal | CookieWithoutHttpOnly.go:109:20:109:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:104:7:107:2 | struct literal | CookieWithoutHttpOnly.go:109:21:109:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:105:10:105:13 | name | CookieWithoutHttpOnly.go:104:7:107:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:109:20:109:21 | &... [pointer] | CookieWithoutHttpOnly.go:109:20:109:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:109:21:109:21 | c | CookieWithoutHttpOnly.go:109:20:109:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:109:21:109:21 | c | CookieWithoutHttpOnly.go:109:20:109:21 | &... [pointer] | provenance | |
|
||||
| CookieWithoutHttpOnly.go:113:13:113:24 | "login_name" | CookieWithoutHttpOnly.go:115:10:115:16 | session | provenance | |
|
||||
| CookieWithoutHttpOnly.go:114:7:117:2 | struct literal | CookieWithoutHttpOnly.go:119:20:119:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:114:7:117:2 | struct literal | CookieWithoutHttpOnly.go:119:21:119:21 | c | provenance | |
|
||||
| CookieWithoutHttpOnly.go:115:10:115:16 | session | CookieWithoutHttpOnly.go:114:7:117:2 | struct literal | provenance | Config |
|
||||
| CookieWithoutHttpOnly.go:119:20:119:21 | &... [pointer] | CookieWithoutHttpOnly.go:119:20:119:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:119:21:119:21 | c | CookieWithoutHttpOnly.go:119:20:119:21 | &... | provenance | |
|
||||
| CookieWithoutHttpOnly.go:119:21:119:21 | c | CookieWithoutHttpOnly.go:119:20:119:21 | &... [pointer] | provenance | |
|
||||
nodes
|
||||
| CookieWithoutHttpOnly.go:10:7:13:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:11:10:11:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:14:20:14:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:14:20:14:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:14:21:14:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:18:7:22:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:19:13:19:21 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:23:20:23:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:23:20:23:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:23:21:23:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:27:7:31:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:28:13:28:21 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:32:20:32:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:32:20:32:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:32:21:32:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:36:7:39:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:37:10:37:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:41:20:41:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:41:20:41:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:41:21:41:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:45:7:48:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:46:10:46:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:50:20:50:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:50:20:50:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:50:21:50:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:55:7:59:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:56:13:56:21 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:60:20:60:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:60:20:60:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:60:21:60:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:65:7:69:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:66:13:66:21 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:70:20:70:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:70:20:70:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:70:21:70:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:75:7:78:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:76:10:76:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:80:20:80:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:80:20:80:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:80:21:80:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:85:7:88:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:86:10:86:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:90:20:90:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:90:20:90:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:90:21:90:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:103:10:103:18 | "session" | semmle.label | "session" |
|
||||
| CookieWithoutHttpOnly.go:104:7:107:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:105:10:105:13 | name | semmle.label | name |
|
||||
| CookieWithoutHttpOnly.go:109:20:109:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:109:20:109:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:109:21:109:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:113:13:113:24 | "login_name" | semmle.label | "login_name" |
|
||||
| CookieWithoutHttpOnly.go:114:7:117:2 | struct literal | semmle.label | struct literal |
|
||||
| CookieWithoutHttpOnly.go:115:10:115:16 | session | semmle.label | session |
|
||||
| CookieWithoutHttpOnly.go:119:20:119:21 | &... | semmle.label | &... |
|
||||
| CookieWithoutHttpOnly.go:119:20:119:21 | &... [pointer] | semmle.label | &... [pointer] |
|
||||
| CookieWithoutHttpOnly.go:119:21:119:21 | c | semmle.label | c |
|
||||
| CookieWithoutHttpOnly.go:131:16:131:24 | "session" | semmle.label | "session" |
|
||||
subpaths
|
||||
@@ -0,0 +1,136 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
func handler1(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
}
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: HttpOnly set to false by default
|
||||
}
|
||||
|
||||
func handler2(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
HttpOnly: false,
|
||||
}
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: HttpOnly explicitly set to false
|
||||
}
|
||||
|
||||
func handler3(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
HttpOnly: true,
|
||||
}
|
||||
http.SetCookie(w, &c) // GOOD: HttpOnly explicitly set to true
|
||||
}
|
||||
|
||||
func handler4(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = true
|
||||
http.SetCookie(w, &c) // GOOD: HttpOnly explicitly set to true
|
||||
}
|
||||
|
||||
func handler5(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = false
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: HttpOnly explicitly set to false
|
||||
}
|
||||
|
||||
func handler6(w http.ResponseWriter, r *http.Request) {
|
||||
val := false
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
HttpOnly: val,
|
||||
}
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: HttpOnly explicitly set to false
|
||||
}
|
||||
|
||||
func handler7(w http.ResponseWriter, r *http.Request) {
|
||||
val := true
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
HttpOnly: val,
|
||||
}
|
||||
http.SetCookie(w, &c) // GOOD: HttpOnly explicitly set to true
|
||||
}
|
||||
|
||||
func handler8(w http.ResponseWriter, r *http.Request) {
|
||||
val := true
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = val
|
||||
http.SetCookie(w, &c) // GOOD: HttpOnly explicitly set to true
|
||||
}
|
||||
|
||||
func handler9(w http.ResponseWriter, r *http.Request) {
|
||||
val := false
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = val
|
||||
http.SetCookie(w, &c) // $ Alert //BAD: HttpOnly explicitly set to false
|
||||
}
|
||||
|
||||
func handler10(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "consent",
|
||||
Value: "1",
|
||||
}
|
||||
c.HttpOnly = false
|
||||
http.SetCookie(w, &c) // GOOD: Name is not auth related
|
||||
}
|
||||
|
||||
func handler11(w http.ResponseWriter, r *http.Request) {
|
||||
name := "session" // $ Source
|
||||
c := http.Cookie{
|
||||
Name: name,
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = false
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: auth related name
|
||||
}
|
||||
|
||||
func handler12(w http.ResponseWriter, r *http.Request) {
|
||||
session := "login_name" // $ Source
|
||||
c := http.Cookie{
|
||||
Name: session, // $ Source
|
||||
Value: "secret",
|
||||
}
|
||||
c.HttpOnly = false
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: auth related name
|
||||
}
|
||||
|
||||
func main() {
|
||||
|
||||
router := gin.Default()
|
||||
|
||||
router.GET("/cookie", func(c *gin.Context) {
|
||||
|
||||
_, err := c.Cookie("session")
|
||||
|
||||
if err != nil {
|
||||
c.SetCookie("session", "test", 3600, "/", "localhost", false, false) // $ Alert // BAD: httpOnly set to false
|
||||
}
|
||||
})
|
||||
|
||||
router.Run()
|
||||
}
|
||||
@@ -0,0 +1,2 @@
|
||||
query: Security/CWE-1004/CookieWithoutHttpOnly.ql
|
||||
postprocess: utils/test/InlineExpectationsTestQuery.ql
|
||||
@@ -4,5 +4,4 @@ go 1.14
|
||||
|
||||
require (
|
||||
github.com/gin-gonic/gin v1.7.1
|
||||
github.com/gorilla/sessions v1.2.1
|
||||
)
|
||||
3
go/ql/test/query-tests/Security/CWE-1004/vendor/modules.txt
vendored
Normal file
3
go/ql/test/query-tests/Security/CWE-1004/vendor/modules.txt
vendored
Normal file
@@ -0,0 +1,3 @@
|
||||
# github.com/gin-gonic/gin v1.7.1
|
||||
## explicit
|
||||
github.com/gin-gonic/gin
|
||||
@@ -0,0 +1,6 @@
|
||||
| CookieWithoutSecure.go:14:2:14:22 | call to SetCookie | Cookie does not set Secure attribute to true. |
|
||||
| CookieWithoutSecure.go:23:2:23:22 | call to SetCookie | Cookie does not set Secure attribute to true. |
|
||||
| CookieWithoutSecure.go:50:2:50:22 | call to SetCookie | Cookie does not set Secure attribute to true. |
|
||||
| CookieWithoutSecure.go:60:2:60:22 | call to SetCookie | Cookie does not set Secure attribute to true. |
|
||||
| CookieWithoutSecure.go:90:2:90:22 | call to SetCookie | Cookie does not set Secure attribute to true. |
|
||||
| CookieWithoutSecure.go:102:4:102:71 | call to SetCookie | Cookie does not set Secure attribute to true. |
|
||||
107
go/ql/test/query-tests/Security/CWE-614/CookieWithoutSecure.go
Normal file
107
go/ql/test/query-tests/Security/CWE-614/CookieWithoutSecure.go
Normal file
@@ -0,0 +1,107 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
func handler1(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
}
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: Secure set to false by default
|
||||
}
|
||||
|
||||
func handler2(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
Secure: false,
|
||||
}
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: Secure explicitly set to false
|
||||
}
|
||||
|
||||
func handler3(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
Secure: true,
|
||||
}
|
||||
http.SetCookie(w, &c) // GOOD: Secure explicitly set to true
|
||||
}
|
||||
|
||||
func handler4(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
c.Secure = true
|
||||
http.SetCookie(w, &c) // GOOD: Secure explicitly set to true
|
||||
}
|
||||
|
||||
func handler5(w http.ResponseWriter, r *http.Request) {
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
}
|
||||
c.Secure = false
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: Secure explicitly set to false
|
||||
}
|
||||
|
||||
func handler6(w http.ResponseWriter, r *http.Request) {
|
||||
val := false
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
Secure: val,
|
||||
}
|
||||
http.SetCookie(w, &c) // $ Alert // BAD: Secure explicitly set to false
|
||||
}
|
||||
|
||||
func handler7(w http.ResponseWriter, r *http.Request) {
|
||||
val := true
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
Secure: val,
|
||||
}
|
||||
http.SetCookie(w, &c) // GOOD: Secure explicitly set to true
|
||||
}
|
||||
|
||||
func handler8(w http.ResponseWriter, r *http.Request) {
|
||||
val := true
|
||||
c := http.Cookie{
|
||||
Name: "session",
|
||||
Value: "secret",
|
||||
}
|
||||
c.Secure = val
|
||||
http.SetCookie(w, &c) // GOOD: Secure explicitly set to true
|
||||
}
|
||||
|
||||
func handler9(w http.ResponseWriter, r *http.Request) {
|
||||
val := false
|
||||
c := http.Cookie{
|
||||
Name: "session", // $ Source
|
||||
Value: "secret",
|
||||
}
|
||||
c.Secure = val
|
||||
http.SetCookie(w, &c) // $ Alert //BAD: Secure explicitly set to false
|
||||
}
|
||||
|
||||
func main() {
|
||||
|
||||
router := gin.Default()
|
||||
|
||||
router.GET("/cookie", func(c *gin.Context) {
|
||||
|
||||
_, err := c.Cookie("session")
|
||||
|
||||
if err != nil {
|
||||
c.SetCookie("session", "test", 3600, "/", "localhost", false, false) // $ Alert // BAD: Secure set to false
|
||||
}
|
||||
})
|
||||
|
||||
router.Run()
|
||||
}
|
||||
@@ -0,0 +1,2 @@
|
||||
query: Security/CWE-614/CookieWithoutSecure.ql
|
||||
postprocess: utils/test/InlineExpectationsTestQuery.ql
|
||||
7
go/ql/test/query-tests/Security/CWE-614/go.mod
Normal file
7
go/ql/test/query-tests/Security/CWE-614/go.mod
Normal file
@@ -0,0 +1,7 @@
|
||||
module example.com/m
|
||||
|
||||
go 1.14
|
||||
|
||||
require (
|
||||
github.com/gin-gonic/gin v1.7.1
|
||||
)
|
||||
21
go/ql/test/query-tests/Security/CWE-614/vendor/github.com/gin-gonic/gin/LICENSE
generated
vendored
Normal file
21
go/ql/test/query-tests/Security/CWE-614/vendor/github.com/gin-gonic/gin/LICENSE
generated
vendored
Normal file
@@ -0,0 +1,21 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2014 Manuel Martínez-Almeida
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
||||
12
go/ql/test/query-tests/Security/CWE-614/vendor/github.com/gin-gonic/gin/binding/stub.go
generated
vendored
Normal file
12
go/ql/test/query-tests/Security/CWE-614/vendor/github.com/gin-gonic/gin/binding/stub.go
generated
vendored
Normal file
@@ -0,0 +1,12 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/gin-gonic/gin/binding, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/gin-gonic/gin/binding (exports: ; functions: YAML)
|
||||
|
||||
// Package binding is a stub of github.com/gin-gonic/gin/binding, generated by depstubber.
|
||||
package binding
|
||||
|
||||
import ()
|
||||
|
||||
var YAML interface{} = nil
|
||||
677
go/ql/test/query-tests/Security/CWE-614/vendor/github.com/gin-gonic/gin/stub.go
generated
vendored
Normal file
677
go/ql/test/query-tests/Security/CWE-614/vendor/github.com/gin-gonic/gin/stub.go
generated
vendored
Normal file
@@ -0,0 +1,677 @@
|
||||
// Code generated by depstubber. DO NOT EDIT.
|
||||
// This is a simple stub for github.com/gin-gonic/gin, strictly for use in testing.
|
||||
|
||||
// See the LICENSE file for information about the licensing of the original library.
|
||||
// Source: github.com/gin-gonic/gin (exports: Context; functions: Default)
|
||||
|
||||
// Package gin is a stub of github.com/gin-gonic/gin, generated by depstubber.
|
||||
package gin
|
||||
|
||||
import (
|
||||
bufio "bufio"
|
||||
template "html/template"
|
||||
io "io"
|
||||
multipart "mime/multipart"
|
||||
net "net"
|
||||
http "net/http"
|
||||
time "time"
|
||||
)
|
||||
|
||||
type Context struct {
|
||||
Request *http.Request
|
||||
Writer ResponseWriter
|
||||
Params Params
|
||||
Keys map[string]interface{}
|
||||
Errors interface{}
|
||||
Accepted []string
|
||||
}
|
||||
|
||||
func (_ *Context) Abort() {}
|
||||
|
||||
func (_ *Context) AbortWithError(_ int, _ error) *Error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) AbortWithStatus(_ int) {}
|
||||
|
||||
func (_ *Context) AbortWithStatusJSON(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) AsciiJSON(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) Bind(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) BindHeader(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) BindJSON(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) BindQuery(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) BindUri(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) BindWith(_ interface{}, _ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) BindXML(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) BindYAML(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ClientIP() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) ContentType() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) Cookie(_ string) (string, error) {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (_ *Context) Copy() *Context {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) Data(_ int, _ string, _ []byte) {}
|
||||
|
||||
func (_ *Context) DataFromReader(_ int, _ int64, _ string, _ io.Reader, _ map[string]string) {}
|
||||
|
||||
func (_ *Context) Deadline() (time.Time, bool) {
|
||||
return time.Time{}, false
|
||||
}
|
||||
|
||||
func (_ *Context) DefaultPostForm(_ string, _ string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) DefaultQuery(_ string, _ string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) Done() <-chan struct{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) Err() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) Error(_ error) *Error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) File(_ string) {}
|
||||
|
||||
func (_ *Context) FileAttachment(_ string, _ string) {}
|
||||
|
||||
func (_ *Context) FileFromFS(_ string, _ http.FileSystem) {}
|
||||
|
||||
func (_ *Context) FormFile(_ string) (*multipart.FileHeader, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Context) FullPath() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) Get(_ string) (interface{}, bool) {
|
||||
return nil, false
|
||||
}
|
||||
|
||||
func (_ *Context) GetBool(_ string) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Context) GetDuration(_ string) time.Duration {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Context) GetFloat64(_ string) float64 {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Context) GetHeader(_ string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) GetInt(_ string) int {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Context) GetInt64(_ string) int64 {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Context) GetPostForm(_ string) (string, bool) {
|
||||
return "", false
|
||||
}
|
||||
|
||||
func (_ *Context) GetPostFormArray(_ string) ([]string, bool) {
|
||||
return nil, false
|
||||
}
|
||||
|
||||
func (_ *Context) GetPostFormMap(_ string) (map[string]string, bool) {
|
||||
return nil, false
|
||||
}
|
||||
|
||||
func (_ *Context) GetQuery(_ string) (string, bool) {
|
||||
return "", false
|
||||
}
|
||||
|
||||
func (_ *Context) GetQueryArray(_ string) ([]string, bool) {
|
||||
return nil, false
|
||||
}
|
||||
|
||||
func (_ *Context) GetQueryMap(_ string) (map[string]string, bool) {
|
||||
return nil, false
|
||||
}
|
||||
|
||||
func (_ *Context) GetRawData() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Context) GetString(_ string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) GetStringMap(_ string) map[string]interface{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) GetStringMapString(_ string) map[string]string {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) GetStringMapStringSlice(_ string) map[string][]string {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) GetStringSlice(_ string) []string {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) GetTime(_ string) time.Time {
|
||||
return time.Time{}
|
||||
}
|
||||
|
||||
func (_ *Context) GetUint(_ string) uint {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Context) GetUint64(_ string) uint64 {
|
||||
return 0
|
||||
}
|
||||
|
||||
func (_ *Context) HTML(_ int, _ string, _ interface{}) {}
|
||||
|
||||
func (_ *Context) Handler() HandlerFunc {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) HandlerName() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) HandlerNames() []string {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) Header(_ string, _ string) {}
|
||||
|
||||
func (_ *Context) IndentedJSON(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) IsAborted() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Context) IsWebsocket() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Context) JSON(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) JSONP(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) MultipartForm() (*multipart.Form, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Context) MustBindWith(_ interface{}, _ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) MustGet(_ string) interface{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) Negotiate(_ int, _ Negotiate) {}
|
||||
|
||||
func (_ *Context) NegotiateFormat(_ ...string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) Next() {}
|
||||
|
||||
func (_ *Context) Param(_ string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) PostForm(_ string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) PostFormArray(_ string) []string {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) PostFormMap(_ string) map[string]string {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ProtoBuf(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) PureJSON(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) Query(_ string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Context) QueryArray(_ string) []string {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) QueryMap(_ string) map[string]string {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) Redirect(_ int, _ string) {}
|
||||
|
||||
func (_ *Context) RemoteIP() (net.IP, bool) {
|
||||
return nil, false
|
||||
}
|
||||
|
||||
func (_ *Context) Render(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) SSEvent(_ string, _ interface{}) {}
|
||||
|
||||
func (_ *Context) SaveUploadedFile(_ *multipart.FileHeader, _ string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) SecureJSON(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) Set(_ string, _ interface{}) {}
|
||||
|
||||
func (_ *Context) SetAccepted(_ ...string) {}
|
||||
|
||||
func (_ *Context) SetCookie(_ string, _ string, _ int, _ string, _ string, _ bool, _ bool) {}
|
||||
|
||||
func (_ *Context) SetSameSite(_ http.SameSite) {}
|
||||
|
||||
func (_ *Context) ShouldBind(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ShouldBindBodyWith(_ interface{}, _ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ShouldBindHeader(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ShouldBindJSON(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ShouldBindQuery(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ShouldBindUri(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ShouldBindWith(_ interface{}, _ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ShouldBindXML(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) ShouldBindYAML(_ interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) Status(_ int) {}
|
||||
|
||||
func (_ *Context) Stream(_ func(io.Writer) bool) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Context) String(_ int, _ string, _ ...interface{}) {}
|
||||
|
||||
func (_ *Context) Value(_ interface{}) interface{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Context) XML(_ int, _ interface{}) {}
|
||||
|
||||
func (_ *Context) YAML(_ int, _ interface{}) {}
|
||||
|
||||
func Default() *Engine {
|
||||
return nil
|
||||
}
|
||||
|
||||
type Engine struct {
|
||||
RouterGroup RouterGroup
|
||||
RedirectTrailingSlash bool
|
||||
RedirectFixedPath bool
|
||||
HandleMethodNotAllowed bool
|
||||
ForwardedByClientIP bool
|
||||
RemoteIPHeaders []string
|
||||
TrustedProxies []string
|
||||
AppEngine bool
|
||||
UseRawPath bool
|
||||
UnescapePathValues bool
|
||||
MaxMultipartMemory int64
|
||||
RemoveExtraSlash bool
|
||||
HTMLRender interface{}
|
||||
FuncMap template.FuncMap
|
||||
}
|
||||
|
||||
func (_ *Engine) Any(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) BasePath() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Engine) DELETE(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) Delims(_ string, _ string) *Engine {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) GET(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) Group(_ string, _ ...HandlerFunc) *RouterGroup {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) HEAD(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) Handle(_ string, _ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) HandleContext(_ *Context) {}
|
||||
|
||||
func (_ *Engine) LoadHTMLFiles(_ ...string) {}
|
||||
|
||||
func (_ *Engine) LoadHTMLGlob(_ string) {}
|
||||
|
||||
func (_ *Engine) NoMethod(_ ...HandlerFunc) {}
|
||||
|
||||
func (_ *Engine) NoRoute(_ ...HandlerFunc) {}
|
||||
|
||||
func (_ *Engine) OPTIONS(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) PATCH(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) POST(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) PUT(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) Routes() RoutesInfo {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) Run(_ ...string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) RunFd(_ int) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) RunListener(_ net.Listener) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) RunTLS(_ string, _ string, _ string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) RunUnix(_ string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) SecureJsonPrefix(_ string) *Engine {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) ServeHTTP(_ http.ResponseWriter, _ *http.Request) {}
|
||||
|
||||
func (_ *Engine) SetFuncMap(_ template.FuncMap) {}
|
||||
|
||||
func (_ *Engine) SetHTMLTemplate(_ *template.Template) {}
|
||||
|
||||
func (_ *Engine) Static(_ string, _ string) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) StaticFS(_ string, _ http.FileSystem) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) StaticFile(_ string, _ string) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Engine) Use(_ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
type Error struct {
|
||||
Err error
|
||||
Type ErrorType
|
||||
Meta interface{}
|
||||
}
|
||||
|
||||
func (_ Error) Error() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *Error) IsType(_ ErrorType) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (_ *Error) JSON() interface{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Error) MarshalJSON() ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (_ *Error) SetMeta(_ interface{}) *Error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Error) SetType(_ ErrorType) *Error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *Error) Unwrap() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type ErrorType uint64
|
||||
|
||||
type HandlerFunc func(*Context)
|
||||
|
||||
type HandlersChain []HandlerFunc
|
||||
|
||||
func (_ HandlersChain) Last() HandlerFunc {
|
||||
return nil
|
||||
}
|
||||
|
||||
type IRoutes interface {
|
||||
Any(_ string, _ ...HandlerFunc) IRoutes
|
||||
DELETE(_ string, _ ...HandlerFunc) IRoutes
|
||||
GET(_ string, _ ...HandlerFunc) IRoutes
|
||||
HEAD(_ string, _ ...HandlerFunc) IRoutes
|
||||
Handle(_ string, _ string, _ ...HandlerFunc) IRoutes
|
||||
OPTIONS(_ string, _ ...HandlerFunc) IRoutes
|
||||
PATCH(_ string, _ ...HandlerFunc) IRoutes
|
||||
POST(_ string, _ ...HandlerFunc) IRoutes
|
||||
PUT(_ string, _ ...HandlerFunc) IRoutes
|
||||
Static(_ string, _ string) IRoutes
|
||||
StaticFS(_ string, _ http.FileSystem) IRoutes
|
||||
StaticFile(_ string, _ string) IRoutes
|
||||
Use(_ ...HandlerFunc) IRoutes
|
||||
}
|
||||
|
||||
type Negotiate struct {
|
||||
Offered []string
|
||||
HTMLName string
|
||||
HTMLData interface{}
|
||||
JSONData interface{}
|
||||
XMLData interface{}
|
||||
YAMLData interface{}
|
||||
Data interface{}
|
||||
}
|
||||
|
||||
type Param struct {
|
||||
Key string
|
||||
Value string
|
||||
}
|
||||
|
||||
type Params []Param
|
||||
|
||||
func (_ Params) ByName(_ string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ Params) Get(_ string) (string, bool) {
|
||||
return "", false
|
||||
}
|
||||
|
||||
type ResponseWriter interface {
|
||||
CloseNotify() <-chan bool
|
||||
Flush()
|
||||
Header() http.Header
|
||||
Hijack() (net.Conn, *bufio.ReadWriter, error)
|
||||
Pusher() http.Pusher
|
||||
Size() int
|
||||
Status() int
|
||||
Write(_ []byte) (int, error)
|
||||
WriteHeader(_ int)
|
||||
WriteHeaderNow()
|
||||
WriteString(_ string) (int, error)
|
||||
Written() bool
|
||||
}
|
||||
|
||||
type RouteInfo struct {
|
||||
Method string
|
||||
Path string
|
||||
Handler string
|
||||
HandlerFunc HandlerFunc
|
||||
}
|
||||
|
||||
type RouterGroup struct {
|
||||
Handlers HandlersChain
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) Any(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) BasePath() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) DELETE(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) GET(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) Group(_ string, _ ...HandlerFunc) *RouterGroup {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) HEAD(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) Handle(_ string, _ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) OPTIONS(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) PATCH(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) POST(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) PUT(_ string, _ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) Static(_ string, _ string) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) StaticFS(_ string, _ http.FileSystem) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) StaticFile(_ string, _ string) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *RouterGroup) Use(_ ...HandlerFunc) IRoutes {
|
||||
return nil
|
||||
}
|
||||
|
||||
type RoutesInfo []RouteInfo
|
||||
3
go/ql/test/query-tests/Security/CWE-614/vendor/modules.txt
vendored
Normal file
3
go/ql/test/query-tests/Security/CWE-614/vendor/modules.txt
vendored
Normal file
@@ -0,0 +1,3 @@
|
||||
# github.com/gin-gonic/gin v1.7.1
|
||||
## explicit
|
||||
github.com/gin-gonic/gin
|
||||
Reference in New Issue
Block a user