Skip to content

Commit 4606444

Browse files
RasmusWLRasmusWL
committed
Python: Model CookieWrite for flask 
1 parent 65c526d commit 4606444

File tree

2 files changed

+39
-3
lines changed

2 files changed

+39
-3
lines changed

python/ql/src/semmle/python/frameworks/Flask.qll

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -465,4 +465,39 @@ module Flask {
465465
result = "text/html"
466466
}
467467
}
468+
469+
// ---------------------------------------------------------------------------
470+
// flask.Response related
471+
// ---------------------------------------------------------------------------
472+
/**
473+
* A call to `set_cookie` on a Flask HTTP Response.
474+
*
475+
* See https://flask.palletsprojects.com/en/2.0.x/api/#flask.Response.set_cookie
476+
*/
477+
class FlaskResponseSetCookieCall extends HTTP::Server::CookieWrite::Range,
478+
DataFlow::MethodCallNode {
479+
FlaskResponseSetCookieCall() { this.calls(Flask::Response::instance(), "set_cookie") }
480+
481+
override DataFlow::Node getHeaderArg() { none() }
482+
483+
override DataFlow::Node getNameArg() { result in [this.getArg(0), this.getArgByName("key")] }
484+
485+
override DataFlow::Node getValueArg() { result in [this.getArg(1), this.getArgByName("value")] }
486+
}
487+
488+
/**
489+
* A call to `delete_cookie` on a Flask HTTP Response.
490+
*
491+
* See https://flask.palletsprojects.com/en/2.0.x/api/#flask.Response.delete_cookie
492+
*/
493+
class FlaskResponseDeleteCookieCall extends HTTP::Server::CookieWrite::Range,
494+
DataFlow::MethodCallNode {
495+
FlaskResponseDeleteCookieCall() { this.calls(Flask::Response::instance(), "delete_cookie") }
496+
497+
override DataFlow::Node getHeaderArg() { none() }
498+
499+
override DataFlow::Node getNameArg() { result in [this.getArg(0), this.getArgByName("key")] }
500+
501+
override DataFlow::Node getValueArg() { none() }
502+
}
468503
}

python/ql/test/library-tests/frameworks/flask/response_test.py

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -191,10 +191,11 @@ def redirect_simple(): # $requestHandler
191191
@app.route("/setting_cookie") # $routeSetup="/setting_cookie"
192192
def setting_cookie(): # $requestHandler
193193
resp = make_response() # $ HttpResponse mimetype=text/html
194-
resp.set_cookie("key", "value") # $ MISSING: CookieWrite CookieName="key" CookieValue="value"
195-
resp.set_cookie(key="key", value="value") # $ MISSING: CookieWrite CookieName="key" CookieValue="value"
194+
resp.set_cookie("key", "value") # $ CookieWrite CookieName="key" CookieValue="value"
195+
resp.set_cookie(key="key", value="value") # $ CookieWrite CookieName="key" CookieValue="value"
196196
resp.headers.add("Set-Cookie", "key2=value2") # $ MISSING: CookieWrite CookieRawHeader="key2=value2"
197-
resp.delete_cookie("key3") # $ MISSING: CookieWrite CookieName="key3"
197+
resp.delete_cookie("key3") # $ CookieWrite CookieName="key3"
198+
resp.delete_cookie(key="key3") # $ CookieWrite CookieName="key3"
198199
return resp # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
199200

200201
################################################################################

0 commit comments

Comments
 (0)