Copy experimental query to main · github/codeql@54aefe0 · GitHub
Skip to content

Commit 54aefe0

Browse files
Copy experimental query to main
1 parent b57243e commit 54aefe0

3 files changed

Lines changed: 294 additions & 0 deletions

File tree

Lines changed: 44 additions & 0 deletions
Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
2+
<qhelp>
3+
4+
<overview>
5+
<p>Cross-Site Scripting (XSS) is categorized as one of the OWASP Top 10 Security Vulnerabilities. The <code>HttpOnly</code> flag directs compatible browsers to prevent client-side script from accessing cookies. Including the <code>HttpOnly</code> flag in the Set-Cookie HTTP response header for a sensitive cookie helps mitigate the risk associated with XSS where an attacker's script code attempts to read the contents of a cookie and exfiltrate information obtained.</p>
6+
</overview>
7+
8+
<recommendation>
9+
<p>Use the <code>HttpOnly</code> flag when generating a cookie containing sensitive information to help mitigate the risk of client side script accessing the protected cookie.</p>
10+
</recommendation>
11+
12+
<example>
13+
<p>The following example shows two ways of generating sensitive cookies. In the 'BAD' cases, the <code>HttpOnly</code> flag is not set. In the 'GOOD' cases, the <code>HttpOnly</code> flag is set.</p>
14+
<sample src="SensitiveCookieNotHttpOnly.java" />
15+
</example>
16+
17+
<references>
18+
<li>
19+
PortSwigger:
20+
<a href="https://portswigger.net/kb/issues/00500600_cookie-without-httponly-flag-set">Cookie without HttpOnly flag set</a>
21+
</li>
22+
<li>
23+
OWASP:
24+
<a href="https://owasp.org/www-community/HttpOnly">HttpOnly</a>
25+
</li>
26+
</references>
27+
</qhelp>
Lines changed: 223 additions & 0 deletions

0 commit comments

Comments
 (0)