CRITICAL
Rule Definition
The software constructs all or part of cookie via user-controllable inputs. These inputs are not neutralized. As a consequence, the cookie value may be completely altered.
Remediation
Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
Violation Code Sample
from fastapi import FastAPI, Response
app = FastAPI()
@app.get('/items')
def func(price, response: Response):
response.set_cookie(key="xxx", value=price)
return response
Fixed Code Sample
from fastapi import FastAPI, Response
app = FastAPI()
def db_price(id):
...
@app.get('/items')
def func(item_id, response: Response):
price = db_price(item_id)
response.set_cookie(key="xxx", value=price)
return response
Reference
CWE-472: External Control of Assumed-Immutable Web Parameter
https://cwe.mitre.org/data/definitions/472.html
Open Web Application Security Project (OWASP)
https://owasp.org/Top10/A04_2021-Insecure_Design/
Related Technologies
Technical Criterion
PCI-DSS4-Requirement-6.2.4 - Software engineering techniques or other methods are defined and in use by software development personnel to prevent or mitigate common software attacks and related vulnerabilities
About CAST Appmarq
CAST Appmarq is by far the biggest repository of data about real IT systems. It's built on thousands of analyzed applications, made of 35 different technologies, by over 300 business organizations across major verticals. It provides IT Leaders with factual key analytics to let them know if their applications are on track.