Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CodeQL query to find if an Django application is vulnerable to CSRF #70

Open
Dhayalanb opened this issue Apr 20, 2020 · 0 comments
Open

CodeQL query to find if an Django application is vulnerable to CSRF #70

Dhayalanb opened this issue Apr 20, 2020 · 0 comments
Labels

Comments

@Dhayalanb
Copy link

@Dhayalanb Dhayalanb commented Apr 20, 2020

CVE ID(s)

There's no CVE for this.

Report

When a Django project is created, the CSRF middleware is activated by default in the MIDDLEWARE setting, thereby providing CSRF protection to all the views. It is also possible to disable this to make development easier and unless decorators such as csrf_protect() is used to protect the every single critical views, the application will be vulnerable to Cross-Site Request Forgery (CWE-352).

CSRF Protection can be enabled/ Disabled by adding/ removing the django.middleware.csrf.CsrfViewMiddleware from the MIDDLEWARE variable.

This PR adds a CodeQL query with unit tests, which checks if any forms of CSRF prevention mechanism is enabled.

CSRF mechanism tested:

  1. Presence of django.middleware.csrf.CsrfViewMiddleware in MIDDLEWARE variable.
  2. Presence of any decorators such as requires_csrf_token(), ensure_csrf_cookie(), csrf_protect()
  3. Presence of import of CsrfViewMiddleware class
    The details are present in PR: github/codeql#3296
  • Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). We would love to have you spread the word about the good work you are doing
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.