File tree Expand file tree Collapse file tree 2 files changed +5
-9
lines changed
src/experimental/Security/CWE/CWE-1004
test/experimental/query-tests/security/CWE-1004 Expand file tree Collapse file tree 2 files changed +5
-9
lines changed Original file line number Diff line number Diff line change @@ -74,13 +74,9 @@ class MatchesHttpOnlyConfiguration extends TaintTracking2::Configuration {
7474 }
7575}
7676
77- /** A class descended from `javax.servlet.http.Cookie` or `javax/jakarta.ws.rs.core.NewCookie` . */
77+ /** A class descended from `javax.servlet.http.Cookie`. */
7878class CookieClass extends RefType {
79- CookieClass ( ) {
80- this .getASupertype * ( ) .hasQualifiedName ( "javax.servlet.http" , "Cookie" )
81- or
82- this .getASupertype * ( ) .hasQualifiedName ( [ "javax.ws.rs.core" , "jakarta.ws.rs.core" ] , "NewCookie" )
83- }
79+ CookieClass ( ) { this .getASupertype * ( ) .hasQualifiedName ( "javax.servlet.http" , "Cookie" ) }
8480}
8581
8682/** Holds if `expr` is any boolean-typed expression other than literal `false`. */
Original file line number Diff line number Diff line change 77| SensitiveCookieNotHttpOnly.java:42:42:42:57 | ... + ... : String | SensitiveCookieNotHttpOnly.java:42:42:42:69 | ... + ... |
88| SensitiveCookieNotHttpOnly.java:52:42:52:113 | new NewCookie(...) : NewCookie | SensitiveCookieNotHttpOnly.java:52:42:52:124 | toString(...) |
99| SensitiveCookieNotHttpOnly.java:52:56:52:75 | "session-access-key" : String | SensitiveCookieNotHttpOnly.java:52:42:52:113 | new NewCookie(...) : NewCookie |
10- | SensitiveCookieNotHttpOnly.java:52:56:52:75 | "session-access-key" : String | SensitiveCookieNotHttpOnly.java:52:42:52:124 | toString(...) |
11- | SensitiveCookieNotHttpOnly.java:63:51:63:70 | "session-access-key" : String | SensitiveCookieNotHttpOnly.java:64:25:64:39 | accessKeyCookie : NewCookie |
12- | SensitiveCookieNotHttpOnly.java:63:51:63:70 | "session-access-key" : String | SensitiveCookieNotHttpOnly.java:65:42:65:47 | keyStr |
10+ | SensitiveCookieNotHttpOnly.java:63:37:63:115 | new NewCookie(...) : NewCookie | SensitiveCookieNotHttpOnly.java:64:25:64:39 | accessKeyCookie : NewCookie |
11+ | SensitiveCookieNotHttpOnly.java:63:51:63:70 | "session-access-key" : String | SensitiveCookieNotHttpOnly.java:63:37:63:115 | new NewCookie(...) : NewCookie |
1312| SensitiveCookieNotHttpOnly.java:64:25:64:39 | accessKeyCookie : NewCookie | SensitiveCookieNotHttpOnly.java:64:25:64:50 | toString(...) : String |
1413| SensitiveCookieNotHttpOnly.java:64:25:64:50 | toString(...) : String | SensitiveCookieNotHttpOnly.java:65:42:65:47 | keyStr |
1514| SensitiveCookieNotHttpOnly.java:70:28:70:35 | "token=" : String | SensitiveCookieNotHttpOnly.java:71:42:71:50 | secString |
3231| SensitiveCookieNotHttpOnly.java:52:42:52:113 | new NewCookie(...) : NewCookie | semmle.label | new NewCookie(...) : NewCookie |
3332| SensitiveCookieNotHttpOnly.java:52:42:52:124 | toString(...) | semmle.label | toString(...) |
3433| SensitiveCookieNotHttpOnly.java:52:56:52:75 | "session-access-key" : String | semmle.label | "session-access-key" : String |
34+ | SensitiveCookieNotHttpOnly.java:63:37:63:115 | new NewCookie(...) : NewCookie | semmle.label | new NewCookie(...) : NewCookie |
3535| SensitiveCookieNotHttpOnly.java:63:51:63:70 | "session-access-key" : String | semmle.label | "session-access-key" : String |
3636| SensitiveCookieNotHttpOnly.java:64:25:64:39 | accessKeyCookie : NewCookie | semmle.label | accessKeyCookie : NewCookie |
3737| SensitiveCookieNotHttpOnly.java:64:25:64:50 | toString(...) : String | semmle.label | toString(...) : String |
You can’t perform that action at this time.
0 commit comments