Cookie CookieUsage

The information stored in a custom cookie should not be sensitive or related to the session. In most cases, sensitive data should only be stored in session and referenced by the user's session cookie.

IndexedPublic repositoryMediumHigh confidenceVerifiedMITscala

greprules fetch gitlab-sast-scala-cookie-rule-cookieusage --engine opengrep

Description

The information stored in a custom cookie should not be sensitive or related to the session. In most cases, sensitive data should only be stored in session and referenced by the user's session cookie.

Detection target

Not provided

Recommended fix

Not provided

False-positive notes

Not provided

License: MIT
Source context: Public repository
Source: https://gitlab.com/gitlab-org/security-products/sast-rules
Validation status: Verified
Trust signals: 99 downloads
0 direct99 via packs
· 0 stars · Trust score 90How trust works
Included packs: 2 packs

Community feedback

Sign in to report false positives, mark this rule useful, or suggest metadata improvements.

Mark useful Report false positive Suggest metadata