hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll

Browse Source 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
This commit is contained in:
Alessio Della Libera
2020-08-16 14:23:17 +02:00
committed by GitHub
parent e463014759
commit fb3ffb895a
1 changed files with 0 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll
View File

@@ -56,8 +56,6 @@ module InsecureCookie {
/**
* A cookie set using the `express` module `express-session` (https://github.com/expressjs/session).
* The flag `secure` is not set by default (https://github.com/expressjs/session#cookiesecure).
* The default value for cookie options is { path: '/', httpOnly: true, secure: false, maxAge: null }.
*/
class InsecureExpressSessionCookie extends ExpressLibraries::ExpressSession::MiddlewareInstance,
InsecureCookies {