Skip to content

Commit 2a32297

Browse files
dellaliberadellalibera
committed
Changed .qhelp
1 parent 91d4485 commit 2a32297

File tree

1 file changed

+0
-58
lines changed

1 file changed

+0
-58
lines changed

javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qhelp

Lines changed: 0 additions & 58 deletions
Original file line numberDiff line numberDiff line change
@@ -12,64 +12,6 @@ This makes it easier for an attacker to intercept.</p>
1212
to an HTTP response (if the default value is `false`).</p>
1313

1414
</recommendation>
15-
<example>
16-
17-
<p>In the first example the `secure` flag is set to `false` using the express middleware `cookie-session`.
18-
In the second example the `secure` flag is set to `true` (it is set `false` by default for HTTP, `true` by default for HTTPS).</p>
19-
20-
<sample src="examples/cookie-session_bad.js" />
21-
<sample src="examples/cookie-session_good.js" />
22-
23-
</example>
24-
25-
<example>
26-
27-
<p>The first four examples show four ways of adding a cookie using the express middleware `express-session`.
28-
Since the default value for the flag `secure` is false, each example shows a possible scenario where a cookie is set with
29-
the `secure` to `false`.
30-
In the last example the `secure` flag is set to `true`.</p>
31-
32-
<sample src="examples/express-session_bad1_false.js" />
33-
<sample src="examples/express-session_bad2_notSet.js" />
34-
<sample src="examples/express-session_bad3_setEmpty.js" />
35-
<sample src="examples/express-session_bad4.js" />
36-
<sample src="examples/express-session_good.js" />
37-
38-
</example>
39-
40-
<example>
41-
42-
<p>The first two examples show two ways of adding a cookie using the method `response.cookie`.
43-
In both cases the `secure` flag is to `false`.
44-
In the last example the `secure` flag is set to `true`.</p>
45-
46-
<sample src="examples/express_response-cookie_bad1.js" />
47-
<sample src="examples/express_response-cookie_bad2.js" />
48-
<sample src="examples/express_response-cookie_good1.js" />
49-
50-
</example>
51-
52-
53-
<example>
54-
55-
<p>The first example shows when the `secure` flag is set using the method `Set-Cookie` header of an `HTTP` response.
56-
In this case the `secure` flag is not set.
57-
In the last example the `secure` flag is set.</p>
58-
59-
<sample src="examples/httpserver_bad.js" />
60-
<sample src="examples/httpserver_good.js" />
61-
62-
</example>
63-
64-
<example>
65-
66-
<p>In the first example the `secure` flag is set to `false` using the `js-cookie` library.
67-
In the second example the `secure` flag is set to `true`.</p>
68-
69-
<sample src="examples/jsCookie_bad.js" />
70-
<sample src="examples/jsCookie_good.js" />
71-
72-
</example>
7315

7416
<references>
7517

0 commit comments

Comments
 (0)