Skip to content

Commit

Permalink
Apply pre-commit fix
Browse files Browse the repository at this point in the history 
From the artifact of the previous workflow run
  • Loading branch information
@geo-ghci-int
geo-ghci-int[bot] committed Oct 9, 2024
1 parent 74a6460 commit f0179a5
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion c2cwsgiutils/auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,9 @@ def _is_auth_secret(request: pyramid.request.Request) -> bool:
if secret_hash != _hash_secret(expected):
return False
# login or refresh the cookie
request.response.set_cookie(SECRET_ENV, secret_hash, max_age=_COOKIE_AGE, httponly=True, secure=True, SameSite="Strict")
request.response.set_cookie(
SECRET_ENV, secret_hash, max_age=_COOKIE_AGE, httponly=True, secure=True, SameSite="Strict"

Check warning

Code scanning / CodeQL

Construction of a cookie using user-supplied input Medium

Cookie is constructed from a
user-supplied input
Loading
.
Cookie is constructed from a
user-supplied input
Loading
.
)
# since this could be used from outside c2cwsgiutils views, we cannot set the path to c2c
return True
return False
Expand Down

0 comments on commit f0179a5

Please sign in to comment.