Skip to content

Commit a2e9456

Browse files
dellaliberaesbena
andauthored
Update javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
1 parent 14c8e4c commit a2e9456

File tree

1 file changed

+2
-1
lines changed

1 file changed

+2
-1
lines changed

javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -94,8 +94,9 @@ module InsecureCookie {
9494
result = this.getCookieOptionsArgument().getAPropertyWrite(flag).getRhs()
9595
}
9696

97-
// A cookie is insecure if there are not cookie options with the `secure` flag set to `true`.
9897
override predicate isInsecure() {
98+
// A cookie is insecure if there are not cookie options with the `secure` flag set to `true`.
99+
99100
not exists(DataFlow::SourceNode cookieOptions |
100101
cookieOptions = this.getCookieOptionsArgument() and
101102
getCookieFlagValue(flag()).mayHaveBooleanValue(true)

0 commit comments

Comments
 (0)