File tree Expand file tree Collapse file tree 6 files changed +9
-12
lines changed
csharp/ql/test/experimental/Security Features/CWE-1004/CookieHttpOnlyFalseAspNetCore Expand file tree Collapse file tree 6 files changed +9
-12
lines changed Original file line number Diff line number Diff line change 1- | Program.cs:15 :33:15 :37 | false | Cookie attribute 'HttpOnly' is not set to true. |
2- | Program.cs:22 :39:22 :43 | false | Cookie attribute 'HttpOnly' is not set to true. |
1+ | Program.cs:13 :33:13 :37 | false | Cookie attribute 'HttpOnly' is not set to true. |
2+ | Program.cs:20 :39:20 :43 | false | Cookie attribute 'HttpOnly' is not set to true. |
Original file line number Diff line number Diff line change 1- // semmle-extractor-options: ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Authentication.Cookies.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Authentication.cs ${testdir}/../../../../../resources/stubs/Microsoft.Extensions.DependencyInjection.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.CookiePolicy.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Hosting.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Http.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Mvc.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Builder.cs
2-
31using Microsoft . AspNetCore . Builder ;
42using Microsoft . AspNetCore . Hosting ;
53using Microsoft . Extensions . DependencyInjection ;
Original file line number Diff line number Diff line change 1- | Program.cs:27 :34:27 :38 | false | Cookie attribute 'HttpOnly' is not set to true. |
2- | Program.cs:40 :88:40 :92 | false | Cookie attribute 'HttpOnly' is not set to true. |
3- | Program.cs:63 :34:63 :34 | access to local variable v | Cookie attribute 'HttpOnly' is not set to true. |
4- | Program.cs:70 :88:70 :88 | access to local variable v | Cookie attribute 'HttpOnly' is not set to true. |
1+ | Program.cs:25 :34:25 :38 | false | Cookie attribute 'HttpOnly' is not set to true. |
2+ | Program.cs:38 :88:38 :92 | false | Cookie attribute 'HttpOnly' is not set to true. |
3+ | Program.cs:61 :34:61 :34 | access to local variable v | Cookie attribute 'HttpOnly' is not set to true. |
4+ | Program.cs:68 :88:68 :88 | access to local variable v | Cookie attribute 'HttpOnly' is not set to true. |
Original file line number Diff line number Diff line change 1- // semmle-extractor-options: ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Http.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Mvc.cs
2-
31public class MyController : Microsoft . AspNetCore . Mvc . Controller
42{
53 public void CookieDelete ( )
Original file line number Diff line number Diff line change 1- // semmle-extractor-options: ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Authentication.Cookies.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Authentication.cs ${testdir}/../../../../../resources/stubs/Microsoft.Extensions.DependencyInjection.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.CookiePolicy.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Hosting.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Http.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Mvc.cs ${testdir}/../../../../../resources/stubs/Microsoft.AspNetCore.Builder.cs
2-
31using Microsoft . AspNetCore . Builder ;
42using Microsoft . AspNetCore . Hosting ;
53using Microsoft . Extensions . DependencyInjection ;
Original file line number Diff line number Diff line change 1+ semmle-extractor-options: /nostdlib /noconfig
2+ semmle-extractor-options: --load-sources-from-project:${testdir}/../../../../../resources/stubs/_frameworks/Microsoft.NETCore.App/Microsoft.NETCore.App.csproj
3+ semmle-extractor-options: --load-sources-from-project:${testdir}/../../../../../resources/stubs/_frameworks/Microsoft.AspNetCore.App/Microsoft.AspNetCore.App.csproj
You can’t perform that action at this time.
0 commit comments