We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I believe the CodeQL documentation here conflicts with MDN by omission:
In this example cookie1 is accessible from online-bank.com ... HttpCookie cookie1 = new HttpCookie("sessionID"); cookie1.Domain = "online-bank.com";
In this example cookie1 is accessible from online-bank.com ...
HttpCookie cookie1 = new HttpCookie("sessionID"); cookie1.Domain = "online-bank.com";
https://codeql.github.com/codeql-query-help/csharp/cs-web-broad-cookie-domain/
According to MDN, that cookie would also be available to subdomains:
For example, if you set Domain=mozilla.org, cookies are available on mozilla.org and its subdomains like developer.mozilla.org.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#domain_attribute
The CodeQL documentation should state that "In this example cookie1 is accessible from online-bank.com and its subdomains".
The text was updated successfully, but these errors were encountered:
Thanks for mentioning this. I'll take a look.
Sorry, something went wrong.
No branches or pull requests
I believe the CodeQL documentation here conflicts with MDN by omission:
https://codeql.github.com/codeql-query-help/csharp/cs-web-broad-cookie-domain/
According to MDN, that cookie would also be available to subdomains:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#domain_attribute
The CodeQL documentation should state that "In this example cookie1 is accessible from online-bank.com and its subdomains".
The text was updated successfully, but these errors were encountered: