Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add cookie validator #229

Merged
merged 2 commits into from Apr 11, 2022
Merged

Add cookie validator #229

merged 2 commits into from Apr 11, 2022

Conversation

emilejq
Copy link
Collaborator

@emilejq emilejq commented Apr 10, 2022

Proposed changes

Rules for cookies are currently only able to be applied to all cookies. This PR adds a cookie validator so that rules can be applied on a per-cookie basis. For example:

set-cookie:
    required: True
    cookies:
        my-cookie:
            required: True
            must-contain: SameSite=Strict

As the validation methods were getting a bit long doing header, directive and cookie validations, I've created separate validator classes for each

Type of change

What types of changes do you want to introduce to DrHeader?

  • Bugfix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change
  • Documentation Update
  • Test Update
  • Rules Update
  • Other (please describe)

Please ensure your pull request adheres to the following guidelines:

  • A Github Issue that explains the work.
  • The changes are in a branch that is reasonably up to date
  • Tests are provided to reasonably cover new or altered functionality.
  • Documentation is provided for the new or altered functionality.
  • You have the legal right to give us this code.
  • You have adhered to the CoC

Link to the github issue

#228

Tests you have added

test_validators.py

test_drheader.py:
test_cookie__exists_validation_ko
test_cookie__not_exists_validation_ko
test_cookie__must_avoid_validation_ko
test_cookie__must_contain_validation_ko
test_cookie__must_contain_one_validation_ko

Anything Else

Thanks for getting this far !

@emilejq emilejq enabled auto-merge (squash) April 10, 2022 19:16
@mrjonstrong mrjonstrong self-requested a review April 11, 2022 15:25
@emilejq emilejq merged commit 99855d6 into Santandersecurityresearch:develop Apr 11, 2022
mrjonstrong
mrjonstrong approved these changes Apr 11, 2022
View reviewed changes
tests/integration_tests/utils.py Show resolved Hide resolved
tests/unit_tests/test_validators.py Show resolved Hide resolved
@emilejq emilejq deleted the cookie-validator branch April 11, 2022 16:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mrjonstrong mrjonstrong mrjonstrong approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@emilejq @mrjonstrong