hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-18 05:24:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
628f85aebcf23ee9a7a944c8ca8d00aefc00b8eb
codeql/python/ql/test/query-tests/Security/CWE-1275-SameSiteNoneCookie/test.py
Owen Mansel-Chan 5a97348e78 python: Inline expectation should have space after $ 
This was a regex-find-replace from `# \$(?! )` (using a negative lookahead) to `# $ `.
2026-03-04 12:45:05 +00:00

15 lines
665 B
Python
Raw Blame History

from flask import Flask, request, make_response
app = Flask(__name__)
@app.route("/test")
def test(oauth_cookie_name):
resp = make_response()
resp.set_cookie("password", "value1")
resp.set_cookie("authKey", "value2", samesite="Lax")
resp.set_cookie("session_id", "value2", samesite="None") # $ Alert[py/samesite-none-cookie]
resp.set_cookie("oauth", "value2", secure=True, samesite="Strict")
resp.set_cookie("oauth", "value2", httponly=True, samesite="Strict")
resp.set_cookie(oauth_cookie_name, "value2", secure=True, samesite="None") # $ Alert[py/samesite-none-cookie]
resp.set_cookie("not_sensitive", "value2", samesite="None")
Reference in New Issue View Git Blame Copy Permalink