Rasmus Lerchedahl Petersen
|
1c7e533144
|
python: format
|
2022-05-09 21:22:27 +02:00 |
|
Rasmus Lerchedahl Petersen
|
2a5908ff49
|
python: require all settings be vulnerable
at least all those not in tests
|
2022-05-09 17:08:49 +02:00 |
|
yoff
|
3416f074e8
|
Update python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql
Explain why `TestScope` is not used.
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
|
2022-03-29 13:59:04 +02:00 |
|
Rasmus Lerchedahl Petersen
|
774c811e97
|
python: move CSRF concepts inside HTTP::Server
|
2022-03-28 07:35:13 +02:00 |
|
Rasmus Lerchedahl Petersen
|
1e9840d779
|
python: broaden local protection concept
|
2022-03-25 12:28:33 +01:00 |
|
Rasmus Lerchedahl Petersen
|
778a88f32c
|
python: update qhelp
removing custom middleware stack
will _not_ enable CSRF protection
|
2022-03-25 11:49:06 +01:00 |
|
yoff
|
85f1d92a0d
|
Apply suggestions from code review
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
|
2022-03-25 11:42:32 +01:00 |
|
Rasmus Lerchedahl Petersen
|
441e206cfa
|
python: CSRF -> Csrf
|
2022-03-23 11:29:27 +01:00 |
|
Rasmus Lerchedahl Petersen
|
53de8287f5
|
python: rule out test code for CSRF
|
2022-03-22 14:57:05 +01:00 |
|
Rasmus Lerchedahl Petersen
|
0f2c21c8bd
|
python: require local protection to be absent
for CSRF to be likely
|
2022-03-22 13:42:52 +01:00 |
|
Rasmus Lerchedahl Petersen
|
895ce755c1
|
python: correct file name
|
2022-03-07 13:03:04 +01:00 |
|
Rasmus Lerchedahl Petersen
|
93750fe17f
|
python: minimal CSRF implementation
- currently only looks for custom django middleware
|
2022-03-04 12:47:23 +01:00 |
|