ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S2092/csharp/rule.adoc

31 lines
1002 B
Plaintext
Raw Normal View History

Add rules 2000-2999
2020-06-30 12:48:07 +02:00
include::../description.adoc[]
include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
In C# you can specify the secure flag with the HttpCookie.secure property:
----
HttpCookie myCookie = new HttpCookie("Sensitive cookie");
myCookie.Secure = false; // Sensitive: a security-sensitive cookie is created with the secure flag set to false
----
change the inline-code delimitters
2020-12-23 14:59:06 +01:00
The https://docs.microsoft.com/en-us/dotnet/api/system.web.httpcookie.secure?view=netframework-4.8[default value] of ``secure`` flag is false:
Fix code block ambiguity with old header style Ensure blank line before list and clean the one leading space
2020-06-30 14:49:38 +02:00
Add rules 2000-2999
2020-06-30 12:48:07 +02:00
----
HttpCookie myCookie = new HttpCookie("Sensitive cookie");
// Sensitive: a security-sensitive cookie is created with the secure flag not defined (by default set to false)
----
== Compliant Solution
----
HttpCookie myCookie = new HttpCookie("Sensitive cookie");
myCookie.Secure = true; // Compliant: the security-sensitive cookie will not be send during an unencrypted HTTP request thanks to the secure flag (Secure property) set to true
----
include::../see.adoc[]
Reference in New Issue Copy Permalink