check for sensitive property name

2026-04-27 17:55:19 +02:00 · 2021-05-03 00:31:29 +03:00
parent 7ab91bb185
commit 97bc7e38d2
3 changed files with 14 additions and 1 deletions
--- a/javascript/ql/src/semmle/javascript/security/InsecureCookie.qll
+++ b/javascript/ql/src/semmle/javascript/security/InsecureCookie.qll
@@ -53,7 +53,8 @@ module Cookie {
      exists(string val |
        (
          val = expr.getStringValue() or
-          val = expr.asExpr().(VarAccess).getName()
+          val = expr.asExpr().(VarAccess).getName() or
+          val = expr.(DataFlow::PropRead).getPropertyName()
        ) and
        regexpMatchAuth(val)
      )