include::../description.adoc[]

include::../ask-yourself.adoc[]

include::../recommended.adoc[]

== Sensitive Code Example

Flask:

----
from flask import Response

@app.route('/')
def index():
    response = Response()
    response.set_cookie('key', 'value') # Sensitive
    return response
----

== Compliant Solution

Flask:

[source,python]
----
from flask import Response

@app.route('/')
def index():
    response = Response()
    response.set_cookie('key', 'value', httponly=True) # Compliant
    return response
----

include::../see.adoc[]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::../message.adoc[]

'''
== Comments And Links
(visible only on this page)

=== on 28 Oct 2019, 07:43:14 Alexandre Gigleux wrote:
To be reviewed: "Sensitive" comment is missing on the "Sensitive Code Examples" section.

=== on 28 Oct 2019, 15:17:04 Tolun Ardahanli wrote:
Thank you for review. I updated.

include::../comments-and-links.adoc[]

endif::env-github,rspecator-view[]