Scala Secure Flag Not Set
Description
Identifies Scala code that creates cookies without setting the secure flag property. Cookies without the secure flag can be transmitted over insecure HTTP connections, potentially exposing sensitive information to attackers who can intercept network traffic.
Detection Strategy
• Check if the code imports javax.servlet.http packages
• Find calls to the addCookie method
• Analyze if the cookie is created without setting the secure flag to true
• Report vulnerability if a cookie is added without proper secure flag configuration
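The detection strategy above, carried out as an added example that is not Fluid Attacks' own scanner code: a small Python heuristic that applies the four checks to Scala source text. The function and regex names are assumptions; the sample inputs are the two Scala examples on this page plus a constructed variant covering setSecure(false) and an inline new Cookie(...) argument.

```python
import re
# Heuristic check mirroring the rule's detection strategy (constructed for
# this page, not Fluid Attacks' scanner): require the javax.servlet.http
# import, find addCookie calls, and flag cookies not marked setSecure(true)
# beforehand. It matches by variable name across the whole file, which is a
# simplification of real data-flow analysis.
IMPORT_RE = re.compile(r"^\s*import\s+javax\.servlet\.http\b", re.MULTILINE)
ADD_COOKIE_RE = re.compile(r"\.addCookie\(\s*(?:(new\s+Cookie\b)|(\w+))")
SET_SECURE_RE = re.compile(r"\b(\w+)\.setSecure\(\s*true\s*\)")

def find_insecure_cookies(source: str) -> list[tuple[int, str]]:
    """Return (line, cookie expr) for each addCookie call lacking setSecure(true);
    setSecure(false) and inline new Cookie(...) arguments are both reported."""
    if not IMPORT_RE.search(source):
        return []
    secured: set[str] = set()
    findings: list[tuple[int, str]] = []
    for lineno, raw in enumerate(source.splitlines(), start=1):
        code = raw.split("//", 1)[0]  # ignore trailing line comments
        for m in SET_SECURE_RE.finditer(code):
            secured.add(m.group(1))
        for m in ADD_COOKIE_RE.finditer(code):
            if m.group(1):  # new Cookie(...) passed directly is never secured
                findings.append((lineno, "<inline Cookie>"))
            elif m.group(2) not in secured:
                findings.append((lineno, m.group(2)))
    return findings

# Sample inputs (constructed): the page's two examples, plus a variant that
# calls setSecure(false) and builds a second cookie inline.
VULNERABLE = """import javax.servlet.http.{Cookie, HttpServletResponse}
def insecureCookieExample(response: HttpServletResponse): Unit = {
  val cookie = new Cookie("sessionId", "abc123")
  response.addCookie(cookie)
}"""
SECURE = """import javax.servlet.http.{Cookie, HttpServletResponse}
def secureCookieExample(response: HttpServletResponse): Unit = {
  val cookie = new Cookie("sessionId", "abc123")
  cookie.setSecure(true)
  cookie.setHttpOnly(true)
  response.addCookie(cookie)
}"""
MIXED = """import javax.servlet.http.Cookie
def prefs(response: javax.servlet.http.HttpServletResponse): Unit = {
  val c = new Cookie("pref", "dark")
  c.setSecure(false)
  response.addCookie(c)
  response.addCookie(new Cookie("tmp", "1"))
}"""
```

Calling find_insecure_cookies on VULNERABLE reports line 4, on SECURE reports nothing, and on MIXED reports both the setSecure(false) cookie and the inline one.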
Vulnerable code example
import javax.servlet.http.{Cookie, HttpServletResponse}
def insecureCookieExample(response: HttpServletResponse): Unit = {
val cookie = new Cookie("sessionId", "abc123") // Vulnerable: Cookie created without secure flag
response.addCookie(cookie) // Cookie sent without secure flag, allowing transmission over HTTP
}
✅ Secure code example
import javax.servlet.http.{Cookie, HttpServletResponse}
def secureCookieExample(response: HttpServletResponse): Unit = {
val cookie = new Cookie("sessionId", "abc123")
cookie.setSecure(true) // Ensures cookie is only sent over HTTPS
cookie.setHttpOnly(true) // Prevents JavaScript access to cookie
response.addCookie(cookie)
}