hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update tests and add inline expectations

Browse Source
This commit is contained in:
Joe Farebrother
2025-10-01 16:48:09 +01:00
parent e1cf3d30d2
commit c799f93811
5 changed files with 229 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
java/ql/src/Security/CWE/CWE-1004/SensitiveCookieNotHttpOnly.ql
View File

@@ -23,7 +23,6 @@ import java
import semmle.code.java.dataflow.FlowSteps
import semmle.code.java.frameworks.Servlets
import semmle.code.java.dataflow.TaintTracking
import MissingHttpOnlyFlow::PathGraph
/** Gets a regular expression for matching common names of sensitive cookies. */
string getSensitiveCookieNameRegex() { result = "(?i).*(auth|session|token|key|credential).*" }
@@ -196,6 +195,8 @@ module MissingHttpOnlyConfig implements DataFlow::ConfigSig {
module MissingHttpOnlyFlow = TaintTracking::Global<MissingHttpOnlyConfig>;
import MissingHttpOnlyFlow::PathGraph
from MissingHttpOnlyFlow::PathNode source, MissingHttpOnlyFlow::PathNode sink
where MissingHttpOnlyFlow::flowPath(source, sink)
select sink, source, sink, "$@ doesn't have the HttpOnly flag set.", source, "This sensitive cookie"