ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S6287/csharp/how-to-fix-it/dotnet.adoc

51 lines
923 B
Plaintext
Raw Normal View History

[APPSEC-116] Modify rule S6287: Educational content (#1216)
2022-09-08 11:06:29 +02:00
=== How to fix it in ASP.NET
include::../../common/fix/code-rationale.adoc[]
[cols="a"]
|===
h| Non-compliant code example
|
[source,csharp]
----
using System.Web;
using System.Web.Mvc;
public class ExampleController : Controller
{
[HttpGet]
public IActionResult CheckCookie(string cookie)
{
if (Request.Cookies["ASP.NET_SessionId"] == null)
{
Response.Cookies.Append("ASP.NET_SessionId", cookie); // Noncompliant
}
return View("Welcome");
}
}
----
h| Compliant solution
|
[source,csharp]
----
using System.Web;
using System.Web.Mvc;
public class ExampleController : Controller
{
[HttpGet]
public IActionResult CheckCookie()
{
if (Request.Cookies["ASP.NET_SessionId"] == null)
{
return View("GetCookie");
}
return View("Welcome");
}
}
----
|===
include::../../common/fix/how-does-this-work.adoc[]
Reference in New Issue Copy Permalink