diff --git a/scala/src/detectors/avoid-persistent-cookies/compliant.scala b/scala/src/detectors/avoid-persistent-cookies/compliant.scala index 53a5e1c..cec7f22 100644 --- a/scala/src/detectors/avoid-persistent-cookies/compliant.scala +++ b/scala/src/detectors/avoid-persistent-cookies/compliant.scala @@ -3,20 +3,18 @@ * SPDX-License-Identifier: Apache-2.0 */ -import play.api.mvc.{Cookie => PlayCookie, _} -import javax.servlet.http.{Cookie => ServletCookie, HttpServletResponse} - -class AvoidPersistentCookiesCompliant @Inject()(cc: ControllerComponents) extends AbstractController(cc) { - - // {fact rule=avoid-persistent-cookies@v1.0 defects=0} - def compliant(res: HttpServletResponse, name: String, value: String, secure: Boolean = true, maxAge: Int = 60, httpOnly: Boolean = true): Unit = { - val cookie = new Cookie("key", "value") - // Compliant: Cookie `setSecure` method is set to true. - cookie.setSecure(true) - cookie.setMaxAge(60) - cookie.setHttpOnly(true) - res.addCookie(cookie) - } - // {/fact} +import javax.servlet.http.Cookie +import javax.servlet.http.HttpServletResponse +class AvoidPersistentCookiesCompliant { + // {fact rule=avoid-persistent-cookies@v1.0 defects=0} + def compliant(res: HttpServletResponse): Unit = { + val cookie = new Cookie("key", "value") + cookie.setSecure(true) + cookie.setHttpOnly(true) + // Compliant: MaxAge set to one week. + cookie.setMaxAge(604800) + res.addCookie(cookie) + } + // {/fact} } \ No newline at end of file diff --git a/scala/src/detectors/avoid-persistent-cookies/non-compliant.scala b/scala/src/detectors/avoid-persistent-cookies/non-compliant.scala index 965bc19..2eaf63a 100644 --- a/scala/src/detectors/avoid-persistent-cookies/non-compliant.scala +++ b/scala/src/detectors/avoid-persistent-cookies/non-compliant.scala @@ -3,20 +3,18 @@ * SPDX-License-Identifier: Apache-2.0 */ -import play.api.mvc.{Cookie => PlayCookie, _} -import javax.servlet.http.{Cookie => ServletCookie, HttpServletResponse} - -class AvoidPersistentCookiesNoncompliant @Inject()(cc: ControllerComponents) extends AbstractController(cc) { - - // {fact rule=avoid-persistent-cookies@v1.0 defects=1} - def nonCompliant(res: HttpServletResponse, name: String, value: String, secure: Boolean = true, maxAge: Int = 60, httpOnly: Boolean = true): Unit = { - val cookie = new Cookie("key", "value") - // Noncompliant: Cookie `setSecure` method is set to false. - cookie.setSecure(false) - cookie.setMaxAge(60) - cookie.setHttpOnly(true) - res.addCookie(cookie) - } - // {/fact} +import javax.servlet.http.Cookie +import javax.servlet.http.HttpServletResponse +class AvoidPersistentCookiesNoncompliant { + // {fact rule=avoid-persistent-cookies@v1.0 defects=1} + def nonCompliant(res: HttpServletResponse): Unit = { + val cookie = new Cookie("key", "value") + cookie.setSecure(true) + cookie.setHttpOnly(true) + // Noncompliant: MaxAge set to one year. + cookie.setMaxAge(31536000) + res.addCookie(cookie) + } + // {/fact} } \ No newline at end of file diff --git a/scala/src/detectors/insecure-cookie/compliant.scala b/scala/src/detectors/insecure-cookie/compliant.scala index 123accd..f04cbb7 100644 --- a/scala/src/detectors/insecure-cookie/compliant.scala +++ b/scala/src/detectors/insecure-cookie/compliant.scala @@ -3,18 +3,20 @@ * SPDX-License-Identifier: Apache-2.0 */ -import javax.servlet.http.Cookie -import javax.servlet.http.HttpServletResponse +import play.api.mvc.{Cookie => PlayCookie, _} +import javax.servlet.http.{Cookie => ServletCookie, HttpServletResponse} + +class InsecureCookieCompliant @Inject()(cc: ControllerComponents) extends AbstractController(cc) { + + // {fact rule=insecure-cookie@v1.0 defects=0} + def compliant(res: HttpServletResponse, name: String, value: String, secure: Boolean = true, maxAge: Int = 60, httpOnly: Boolean = true): Unit = { + val cookie = new Cookie("key", "value") + // Compliant: Cookie `setSecure` method is set to true. + cookie.setSecure(true) + cookie.setMaxAge(60) + cookie.setHttpOnly(true) + res.addCookie(cookie) + } + // {/fact} -class InsecureCookieCompliant { - // {fact rule=insecure-cookie@v1.0 defects=0} - def compliant(res: HttpServletResponse): Unit = { - val cookie = new Cookie("key", "value") - cookie.setSecure(true) - cookie.setHttpOnly(true) - // Compliant: MaxAge set to one week. - cookie.setMaxAge(604800) - res.addCookie(cookie) - } - // {/fact} } \ No newline at end of file diff --git a/scala/src/detectors/insecure-cookie/non-compliant.scala b/scala/src/detectors/insecure-cookie/non-compliant.scala index 9f8e362..13e7170 100644 --- a/scala/src/detectors/insecure-cookie/non-compliant.scala +++ b/scala/src/detectors/insecure-cookie/non-compliant.scala @@ -3,18 +3,20 @@ * SPDX-License-Identifier: Apache-2.0 */ -import javax.servlet.http.Cookie -import javax.servlet.http.HttpServletResponse +import play.api.mvc.{Cookie => PlayCookie, _} +import javax.servlet.http.{Cookie => ServletCookie, HttpServletResponse} + +class InsecureCookieNoncompliant @Inject()(cc: ControllerComponents) extends AbstractController(cc) { + + // {fact rule=insecure-cookie@v1.0 defects=1} + def nonCompliant(res: HttpServletResponse, name: String, value: String, secure: Boolean = true, maxAge: Int = 60, httpOnly: Boolean = true): Unit = { + val cookie = new Cookie("key", "value") + // Noncompliant: Cookie `setSecure` method is set to false. + cookie.setSecure(false) + cookie.setMaxAge(60) + cookie.setHttpOnly(true) + res.addCookie(cookie) + } + // {/fact} -class InsecureCookieNoncompliant { - // {fact rule=insecure-cookie@v1.0 defects=1} - def nonCompliant(res: HttpServletResponse): Unit = { - val cookie = new Cookie("key", "value") - cookie.setSecure(true) - cookie.setHttpOnly(true) - // Noncompliant: MaxAge set to one year. - cookie.setMaxAge(31536000) - res.addCookie(cookie) - } - // {/fact} } \ No newline at end of file