chore: set cookie secure (#377)

* chore: fix secure alert about set_cookie Signed-off-by: Keming <kemingy94@gmail.com> * fix more set_cookie Signed-off-by: Keming <kemingy94@gmail.com> * fix test re Signed-off-by: Keming <kemingy94@gmail.com> --------- Signed-off-by: Keming <kemingy94@gmail.com>
0b01001001 · Oct 3, 2024 · c828143 · c828143
1 parent 89893e4
commit c828143
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 2 deletions.
diff --git a/tests/flask_imports/dry_plugin_flask.py b/tests/flask_imports/dry_plugin_flask.py
@@ -208,7 +208,8 @@ def test_flask_make_response_post(client):
     assert resp.json == {"name": payload.name, "score": [payload.limit]}
     assert resp.headers.get("lang") == "en-US"
     cookie_result = re.match(
-        r"^test_cookie=\"((\w+\s?){3})\";\sPath=/$", resp.headers.get("Set-Cookie")
+        r"^test_cookie=\"((\w+\s?){3})\"; Secure; HttpOnly; Path=/; SameSite=Strict$",
+        resp.headers.get("Set-Cookie"),
     )
     assert cookie_result.group(1) == payload.name
 
@@ -227,7 +228,8 @@ def test_flask_make_response_get(client):
     assert resp.json == {"name": payload.name, "score": [payload.limit]}
     assert resp.headers.get("lang") == "en-US"
     cookie_result = re.match(
-        r"^test_cookie=\"((\w+\s?){3})\";\sPath=/$", resp.headers.get("Set-Cookie")
+        r"^test_cookie=\"((\w+\s?){3})\"; Secure; HttpOnly; Path=/; SameSite=Strict$",
+        resp.headers.get("Set-Cookie"),
     )
     assert cookie_result.group(1) == payload.name
 

diff --git a/tests/test_plugin_flask.py b/tests/test_plugin_flask.py
@@ -211,6 +211,9 @@ def return_make_response_post():
     response.set_cookie(
         key="test_cookie",
         value=model_data.name,
+        secure=True,
+        httponly=True,
+        samesite="Strict",
     )
     return response
 
@@ -226,6 +229,9 @@ def return_make_response_get():
     response.set_cookie(
         key="test_cookie",
         value=model_data.name,
+        secure=True,
+        httponly=True,
+        samesite="Strict",
     )
     return response
 

diff --git a/tests/test_plugin_flask_blueprint.py b/tests/test_plugin_flask_blueprint.py
@@ -198,6 +198,9 @@ def return_make_response_post():
     response.set_cookie(
         key="test_cookie",
         value=model_data.name,
+        secure=True,
+        httponly=True,
+        samesite="Strict",
     )
     return response
 
@@ -213,6 +216,9 @@ def return_make_response_get():
     response.set_cookie(
         key="test_cookie",
         value=model_data.name,
+        secure=True,
+        httponly=True,
+        samesite="Strict",
     )
     return response
 

diff --git a/tests/test_plugin_flask_view.py b/tests/test_plugin_flask_view.py
@@ -212,6 +212,9 @@ def post(self):
         response.set_cookie(
             key="test_cookie",
             value=model_data.name,
+            secure=True,
+            httponly=True,
+            samesite="Strict",
         )
         return response
 
@@ -229,6 +232,9 @@ def get(self):
         response.set_cookie(
             key="test_cookie",
             value=model_data.name,
+            secure=True,
+            httponly=True,
+            samesite="Strict",
         )
         return response