67 lines
1.3 KiB
Plaintext
67 lines
1.3 KiB
Plaintext
|
include::../description.adoc[]
|
||
|
|
|
||
|
|
include::../ask-yourself.adoc[]
|
||
|
|
|
||
|
|
include::../recommended.adoc[]
|
||
|
|
|
||
|
|
== Sensitive Code Examples
|
||
|
|
|
||
|
|
For python3:
|
||
|
|
|
||
|
|
----
|
||
|
|
import http.cookies
|
||
|
|
|
||
|
|
setCookie = http.cookies.SimpleCookie()
|
||
|
|
setCookie['restricted_cookie'] = 'cookie_value'
|
||
|
|
setCookie['restricted_cookie']['domain'] = '.com' # Sensitive
|
||
|
|
setCookie['restricted_cookie']['path'] = '/'
|
||
|
|
----
|
||
|
|
For flask:
|
||
|
|
|
||
|
|
----
|
||
|
|
from flask import app, make_response, render_template
|
||
|
|
|
||
|
|
@app.route('/')
|
||
|
|
def index():
|
||
|
|
http_response = make_response(render_template())
|
||
|
|
http_response.set_cookie(
|
||
|
|
"restricted_cookie",
|
||
|
|
domain='.com', # Sensitive
|
||
|
|
path='/'
|
||
|
|
)
|
||
|
|
|
||
|
|
return http_response
|
||
|
|
----
|
||
|
|
|
||
|
|
== Compliant Solution
|
||
|
|
|
||
|
|
For python3:
|
||
|
|
|
||
|
|
----
|
||
|
|
import http.cookies
|
||
|
|
|
||
|
|
setCookie = http.cookies.SimpleCookie()
|
||
|
|
setCookie['restricted_cookie'] = 'cookie_value'
|
||
|
|
setCookie['restricted_cookie']['domain'] = '.sonarsource.com' # Compliant
|
||
|
|
setCookie['restricted_cookie']['path'] = '/'
|
||
|
|
----
|
||
|
|
For flask:
|
||
|
|
|
||
|
|
----
|
||
|
|
from flask import app, make_response, render_template
|
||
|
|
|
||
|
|
|
||
|
|
@app.route('/')
|
||
|
|
def index():
|
||
|
|
http_response = make_response(render_template())
|
||
|
|
http_response.set_cookie(
|
||
|
|
"restricted_cookie",
|
||
|
|
domain='sonarsource.com', # Compliant
|
||
|
|
path='/'
|
||
|
|
)
|
||
|
|
|
||
|
|
return http_response
|
||
|
|
----
|
||
|
|
|
||
|
|
include::../see.adoc[]
|