rspec/rules/S3330/php/rule.adoc

include::../description.adoc[]
include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
In _php.ini_ you can specify the flags of the session cookie, which is security-sensitive:
----
session.cookie_httponly = 0 ; Sensitive: this sensitive session cookie is created with the httponly flag set to false and so it can be stolen easily in case of XSS vulnerability
----
Same thing in PHP code:
----
session_set_cookie_params($lifetime, $path, $domain, true, false); // Sensitive: this sensitive session cookie is created with the httponly flag (the fifth argument) set to false and so it can be stolen easily in case of XSS vulnerability
----
If you create a custom security-sensitive cookie in your PHP code:
----
$value = "sensitive data";
setcookie($name, $value, $expire, $path, $domain, true, false); // Sensitive: this sensitive cookie is created with the httponly flag (the seventh argument) set to false and so it can be stolen easily in case of XSS vulnerability
----
By default the https://www.php.net/manual/en/function.setcookie.php[``setcookie``] and https://www.php.net/manual/en/function.setrawcookie.php[``setrawcookie``] functions set the ``httponly`` flag (the seventh argument) to _false_, so the cookie can be stolen easily in case of XSS vulnerability:
----
$value = "sensitive data";
setcookie($name, $value, $expire, $path, $domain, true); // Sensitive: a sensitive cookie is created with the httponly flag (the seventh argument) not defined (by default set to false)
setrawcookie($name, $value, $expire, $path, $domain, true); // Sensitive: a sensitive cookie is created with the httponly flag (the seventh argument) not defined (by default set to false)
----
== Compliant Solution
----
session.cookie_httponly = 1 ; Compliant: the sensitive session cookie is protected against theft thanks to cookie_httponly=1
----
----
session_set_cookie_params($lifetime, $path, $domain, true, true); // Compliant: the sensitive cookie is protected against theft thanks to the fifth argument set to true (HttpOnly=true)
----
----
$value = "sensitive data";
setcookie($name, $value, $expire, $path, $domain, true, true); // Compliant: the sensitive cookie is protected against theft thanks to the seventh argument set to true (HttpOnly=true)
setrawcookie($name, $value, $expire, $path, $domain, true, true); // Compliant: the sensitive cookie is protected against theft thanks to the seventh argument set to true (HttpOnly=true)
----
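The compliant calls above fix one call site at a time. As an added example (not part of this rule's own code), the PHP script below centralises the setting so the flag cannot be forgotten: a hypothetical ``set_sensitive_cookie()`` wrapper uses the options-array form of ``setcookie()`` available since PHP 7.3 and always sets ``httponly`` (and ``secure``), and a hypothetical ``session_cookie_is_httponly()`` check reads the effective ``session.cookie_httponly`` value and the parameters ``session_start()`` will use, refusing to start a session when the flag is off. The cookie name and lifetime are constructed values.

```php
<?php
declare(strict_types=1);

// Hypothetical wrapper: every cookie carrying session or authentication material goes
// through here, so HttpOnly and Secure are enforced once rather than at each call site.
// Uses the options-array signature of setcookie() (PHP >= 7.3).
function set_sensitive_cookie(string $name, string $value, int $ttlSeconds): bool
{
    return setcookie($name, $value, [
        'expires'  => time() + $ttlSeconds,
        'path'     => '/',
        'domain'   => '',        // current host only
        'secure'   => true,      // never sent over plain HTTP
        'httponly' => true,      // the flag this rule is about: not readable via document.cookie
        'samesite' => 'Strict',  // CSRF hardening, independent of HttpOnly
    ]);
}

// Hypothetical startup check: true only if both the ini setting and the parameters that
// session_start() will apply have HttpOnly enabled.
function session_cookie_is_httponly(): bool
{
    $iniFlag = filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN);
    $params  = session_get_cookie_params(); // keys: lifetime, path, domain, secure, httponly, samesite
    return $iniFlag && !empty($params['httponly']);
}

// Runtime equivalent of the compliant php.ini lines (session.cookie_httponly = 1).
// Must run before session_start().
ini_set('session.cookie_httponly', '1');
ini_set('session.cookie_secure', '1');
session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'domain'   => '',
    'secure'   => true,
    'httponly' => true,
    'samesite' => 'Strict',
]);

if (!session_cookie_is_httponly()) {
    // Fail closed: a session cookie readable from JavaScript is worse than no session.
    http_response_code(500);
    exit('session cookie is not HttpOnly; refusing to start a session');
}

session_start();

// Constructed cookie: a random remember-me token valid for one day.
set_sensitive_cookie('remember_me', bin2hex(random_bytes(16)), 86400);
```

Run it behind a web server (for instance ``php -S 127.0.0.1:8080``) and inspect the ``Set-Cookie`` response headers: both the ``PHPSESSID`` cookie and ``remember_me`` carry ``HttpOnly`` and ``Secure``. The check deliberately inspects ``session_get_cookie_params()`` rather than trusting ``php.ini`` alone, because a later ``session_set_cookie_params()`` call with the fifth argument set to false would silently override the ini value.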
include::../see.adoc[]