Skip to content

Commit d4b231b

Browse files
committed
Replace regex
1 parent e290802 commit d4b231b

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

javascript/ql/src/experimental/Security/CWE-614/InsecureCookie.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -112,7 +112,7 @@ module InsecureCookie {
112112
// A cookie is insecure if the 'secure' flag is not specified in the cookie definition.
113113
not exists(string s |
114114
getCookieOptionsArgument().mayHaveStringValue(s) and
115-
s.matches("%; secure%")
115+
s.regexpMatch("(.*;)?\\s*secure.*")
116116
)
117117
}
118118
}

0 commit comments

Comments
 (0)