Ensure cookies have the secure flag
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
ID: csharp-security/cookie-secure-flag
Language: C#
Severity: Warning
Category: Security
CWE: 614
Description
Cookies must always have the secure attribute so that they are not sent through an unencrypted HTTP session.
Learn More
Non-Compliant Code Examples
class MyClass {
public static void setSecureCookie()
{
HttpCookie myCookie = new HttpCookie("my cookie");
Console.WriteLine("Hello World");
myCookie.Secure = false;
}
}
class MyClass {
public static void setInsecureCookie()
{
HttpCookie myCookie = new HttpCookie("my cookie");
Console.WriteLine("Hello World");
myCookie.Secure = false;
}
}
Seamless integrations. Try Datadog Code Analysis
