
Add check for reset_session

commit d6689964e3862ea425d84955b4e977d235ee7253 1 parent 31af3f5
@LTe authored
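--- a/lib/scanny/checks/reset_session_check.rb
+++ b/lib/scanny/checks/reset_session_check.rb
@@ -0,0 +1,23 @@
+module Scanny
+ module Checks
+ class ResetSessionCheck < Check
+ def pattern
+ pattern_reset_session
+ end
+
+ def check(node)
+ issue :info, warning_message, :cwe => 384
+ end
+
+ private
+
+ def warning_message
+ "Improper resetting the session may lead to security problems"
+ end
+
+ def pattern_reset_session
+ "Send<name = :reset_session>"
+ end
+ end
+ end
+end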
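Review bot: The string returned by `warning_message` does not tell the reader what to verify, and `check(node)` reports every `reset_session` call even though that call is normally the mitigation for CWE-384 (session fixation) rather than its cause. Since the finding is `:info`, I would word it as a review prompt, for example `"reset_session found: verify the session is reset on login and on privilege change, before new session data is written"`, and update the literal in the spec to match. The pattern `Send<name = :reset_session>` places no constraint on the receiver, so a same-named method on an unrelated object would presumably be reported as well. A class-level comment saying that a missing `reset_session` in an authentication path is not detected by this check would keep users from reading a clean report as proof that session handling is correct.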
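--- a/spec/scanny/checks/reset_session_check_spec.rb
+++ b/spec/scanny/checks/reset_session_check_spec.rb
@@ -0,0 +1,15 @@
+require "spec_helper"
+
+module Scanny::Checks
+ describe ResetSessionCheck do
+ before do
+ @runner = Scanny::Runner.new(ResetSessionCheck.new)
+ @message = "Improper resetting the session may lead to security problems"
+ @issue = issue(:info, @message, 384)
+ end
+
+ it "reports \"reset_session\" correctly" do
+ @runner.should check("reset_session").with_issue(@issue)
+ end
+ end
+end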
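Review bot: The single example covers only the bare `reset_session` call, so nothing pins what the check must not report or how it treats other call forms. I would add examples for `self.reset_session` and `reset_session()`, whose node type may differ from the bare call, plus a negative example asserting that an unrelated call such as `reset_password` produces no issue. The message literal in `@message` duplicates the one in `warning_message`, so any rewording has to be made in both files.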

0 comments on commit d668996
