hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add cookie injection query missing proper tests

Browse Source
This commit is contained in:
jorgectf
2021-10-28 10:28:45 +02:00
parent 129edd605e
commit cf9e9f9dd4
7 changed files with 111 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/test/experimental/query-tests/Security/CWE-614/flask_bad.py
View File

@@ -6,7 +6,7 @@ app = Flask(__name__)
@app.route("/false")
def false():
resp = make_response()
resp.set_cookie("name", value="value", secure=False,
resp.set_cookie(request.args["name"], value=request.args["value"], secure=False,
httponly=False, samesite='None')
return resp