CRITICAL
Rule Definition
Without well-established and maintained trust boundaries, programmers will inevitably lose track of which pieces of data have been validated and which have not. This confusion will eventually allow some data to be used without first being validated.
Remediation
Do not use user inputs directly in session data.
Violation Code Sample
from fastapi import FastAPI, Request
from starlette.middleware.sessions import SessionMiddleware
app = FastAPI()
app.add_middleware(SessionMiddleware, secret_key="xyz")
@app.get("/set_value/")
async def set_value_in_session(value: str, request: Request):
request.session["key"] = value <--- violation
return {"message": f"Value '{value}' set for key '{key}' in session"}
Fixed Code Sample
from fastapi import FastAPI, Request
from starlette.middleware.sessions import SessionMiddleware
app = FastAPI()
app.add_middleware(SessionMiddleware, secret_key="xyz")
@app.get("/set_value/")
safe_data = {...}
async def set_value_in_session(value: str, request: Request):
sanitized_value = safe_data.get(value, "undefined") <--- sanitization: whitelisted value
request.session["key"] = sanitized_value
return {"message": f"Value '{value}' set for key '{key}' in session"}
Reference
CWE-501: Trust Boundary Violation
https://cwe.mitre.org/data/definitions/501.html
Open Web Application Security Project (OWASP)
https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure
Related Technologies
Technical Criterion
PCI-DSS4-Requirement-6.2.4 - Software engineering techniques or other methods are defined and in use by software development personnel to prevent or mitigate common software attacks and related vulnerabilities
About CAST Appmarq
CAST Appmarq is by far the biggest repository of data about real IT systems. It's built on thousands of analyzed applications, made of 35 different technologies, by over 300 business organizations across major verticals. It provides IT Leaders with factual key analytics to let them know if their applications are on track.