== How to fix it in Django

=== Code examples

include::../../common/fix/code-rationale.adoc[]

==== Noncompliant code example

[source,python,diff-id=1,diff-type=noncompliant]
----
from django.shortcuts import render

def check_cookie(request):
    response = render(request, "welcome.html")

    if not "sessionid" in request.COOKIE:
        cookie = request.GET.get("cookie")
        response.set_cookie("sessionid", cookie)  # Noncompliant

    return response
----

==== Compliant solution

[source,python,diff-id=1,diff-type=compliant]
----
from django.http import HttpResponseRedirect
from django.shortcuts import render

def check_cookie(request):
    response = render(request, "welcome.html")

    if not "sessionid" in request.COOKIE:
        return HttpResponseRedirect("/getcookie")

    return response
----

include::../../common/fix/how-does-this-work.adoc[]