hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add sensitive data heuristic

Browse Source
This commit is contained in:
Joe Farebrother
2025-09-23 10:08:08 +01:00
parent 6eac6b7258
commit d28e8004fd
5 changed files with 25 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
python/ql/src/Security/CWE-614/InsecureCookie.ql
View File

@@ -16,5 +16,6 @@ import semmle.python.dataflow.new.DataFlow
import semmle.python.Concepts
from Http::Server::CookieWrite cookie
where cookie.hasSecureFlag(false)
where cookie.hasSecureFlag(false) //and
//cookie.isSensitive()
select cookie, "Cookie is added without the Secure attribute properly set."