feat(python): add rule for lang insecure cookie (CWE-614)
elsapet committed May 7, 2024
1 parent 84b5b36 commit 95313a7
Showing 3 changed files with 67 additions and 0 deletions.
40 changes: 40 additions & 0 deletions rules/python/lang/insecure_cookie.yml
@@ -0,0 +1,40 @@
patterns:
- pattern: |
$<COOKIE_INIT>[$<_>]['secure'] = $<FALSE>
filters:
- variable: COOKIE_INIT
detection: python_lang_insecure_cookie_init
scope: cursor
- variable: "FALSE"
detection: python_lang_insecure_cookie_false
scope: cursor
auxiliary:
- id: python_lang_insecure_cookie_false
patterns:
- "False"
- id: python_lang_insecure_cookie_init
patterns:
- pattern: $<COOKIE>()
filters:
- variable: COOKIE
regex: \A(http\.)?(cookies\.)?(Simple|Base)Cookie\z
languages:
- python
severity: medium
metadata:
description: Missing Secure option in cookie configuration
remediation_message: |-
## Description
When a cookie lacks the Secure option, it can be transmitted over insecure connections, making it vulnerable to interception by unauthorized parties. The Secure option is important because it instructs the browser to only send the cookie over HTTPS, enhancing security.
## Remediations
- **Do** set the `secure` option to `True` for cookies to ensure they are only sent over HTTPS, enhancing the security of data transmission.
```python
cookie['my_session_id']['secure'] = True
```
cwe_id:
- 614
id: python_lang_insecure_cookie
documentation_url: https://docs.bearer.com/reference/rules/python_lang_insecure_cookie
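Review bot: the only pattern in this hunk (`$<COOKIE_INIT>[$<_>]['secure'] = $<FALSE>`) fires solely on an explicit assignment of `False`, so a cookie whose `secure` attribute is never set at all, which is what the description `Missing Secure option in cookie configuration` and CWE-614 describe, is not reported; either extend the rule to also cover a morsel that is assigned without any `secure` setting, or reword the description and remediation to say the rule flags `secure` being explicitly set to `False`. The `python_lang_insecure_cookie_false` auxiliary likewise matches only the literal `False`, so other falsy values (`0`, `''`) slip through; consider widening it or documenting that limitation.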
20 changes: 20 additions & 0 deletions tests/python/lang/insecure_cookie/test.js
@@ -0,0 +1,20 @@
const {
createNewInvoker,
getEnvironment,
} = require("../../../helper.js")
const { ruleId, ruleFile, testBase } = getEnvironment(__dirname)

describe(ruleId, () => {
const invoke = createNewInvoker(ruleId, ruleFile, testBase)

test("insecure_cookie", () => {
const testCase = "main.py"

const results = invoke(testCase)

expect(results).toEqual({
Missing: [],
Extra: []
})
})
})
7 changes: 7 additions & 0 deletions tests/python/lang/insecure_cookie/testdata/main.py
@@ -0,0 +1,7 @@
from http.cookies import BaseCookie

cookie = BaseCookie()

cookie['session_id'] = 'abc123'
# bearer:expected python_lang_insecure_cookie
cookie['session_id']['secure'] = False
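Review bot: the testdata contains only the positive case, so the `Extra: []` expectation in test.js is never exercised against a compliant assignment; add an unannotated line such as `cookie['session_id']['secure'] = True`, and ideally a second instance created with `SimpleCookie()`, so the test guards against false positives and covers both constructors accepted by the `COOKIE` regex in the rule.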
