Update Test.java

mbaluda · web-flow · commit 04f1fe523ab1 · 2022-12-02T18:01:10.000+01:00
diff --git a/java/ql/test/query-tests/security/CWE-311/CWE-614/semmle/tests/Test.java b/java/ql/test/query-tests/security/CWE-311/CWE-614/semmle/tests/Test.java
@@ -84,5 +84,15 @@ public static void test(HttpServletRequest request, HttpServletResponse response
 			response.addCookie(cookie);
 		}
 
+		{
+			// GOOD: set secure flag in call to `createSecureCookie`
+			response.addCookie(createSecureCookie());
+		}
+	}
+	
+	private static Cookie createSecureCookie() {
+		Cookie cookie = new Cookie("secret", "fakesecret");
+		cookie.setSecure(constTrue);
+		return cookie;
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -84,5 +84,15 @@ public static void test(HttpServletRequest request, HttpServletResponse response`
`84`	`84`	`response.addCookie(cookie);`
`85`	`85`	`}`
`86`	`86`
	`87`	`+ {`
	`88`	+ // GOOD: set secure flag in call to `createSecureCookie`
	`89`	`+ response.addCookie(createSecureCookie());`
	`90`	`+ }`
	`91`	`+ }`
	`92`	`+`
	`93`	`+ private static Cookie createSecureCookie() {`
	`94`	`+ Cookie cookie = new Cookie("secret", "fakesecret");`
	`95`	`+ cookie.setSecure(constTrue);`
	`96`	`+ return cookie;`
`87`	`97`	`}`
`88`	`98`	`}`