Uploaded image for project: 'Rules Repository'
  1. Rules Repository
  2. RSPEC-2255 Writing cookies is security-sensitive
  3. RSPEC-5038

VB.NET

    XMLWordPrintable

    Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
      None
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity

      Description

      Sensitive Code Example

      ' === .NET Framework ===

Dim myCookie As HttpCookie = New HttpCookie("UserSettings")
myCookie("CreditCardNumber") = "1234 1234 1234 1234" ' Sensitive; sensitive data stored
myCookie.Values("password") = "5678" ' Sensitive
myCookie.Value = "mysecret" ' Sensitive
...
Response.Cookies.Add(myCookie)


' === .NET Core ===

Response.Headers.Add("Set-Cookie", ...) ' Sensitive
Response.Cookies.Append("mykey", "myValue") ' Sensitive

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            valeri.hristov Valeri Hristov (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: