def django_tests():
    """Analyzer fixture: Django cookies written with and without the Secure flag.

    Each statement is one call shape of ``set_cookie`` / ``set_signed_cookie``
    on ``HttpResponse`` or one of its subclasses. The trailing marker on a
    line records the verdict the fixture expects: ``# Noncompliant`` where
    ``secure`` is omitted, ``None`` or ``False``; ``# OK`` where ``secure`` is
    true; ``# FN`` presumably marks a known false negative. A cookie without
    the Secure attribute can be sent by the browser over plain HTTP.
    """
    from django.http import HttpResponse
    from django.http import HttpResponseRedirect, HttpResponsePermanentRedirect, HttpResponseBadRequest, HttpResponseNotModified, HttpResponseNotFound, HttpResponseForbidden, HttpResponseNotAllowed, HttpResponseGone, HttpResponseServerError

    # set_cookie on the base class: omitted, None and False are all flagged;
    # only an explicit secure=True is left unmarked.
    response = HttpResponse()
    response.set_cookie("C1", "world") # Noncompliant
    response.set_cookie("C2", "world", secure=None) # Noncompliant
    response.set_cookie("C3", "world", secure=False) # Noncompliant
    response.set_cookie("C4", "world", secure=True)

    response2 = HttpResponseRedirect()
    response2.set_cookie("C5", "world") # Noncompliant
    # Positional form: the seventh positional argument of set_cookie is `secure`.
    response2.set_cookie("C5", "world", None, None, "/", None, True) # OK

    # set_signed_cookie is expected to follow the same rule as set_cookie.
    response2.set_signed_cookie("C5", "world") # Noncompliant
    response2.set_signed_cookie("C5", "world", secure=True) # OK
    # An unrelated keyword next to secure=True does not change the verdict.
    response2.set_signed_cookie("C5", "world", other=False, secure=True) # OK
    response2.set_signed_cookie("C5", "world", secure=False) # Noncompliant
    response2.set_signed_cookie("C5", "world", secure=None) # Noncompliant
    # NOTE(review): Django declares set_signed_cookie(key, value, salt='', **kwargs),
    # so this all-positional call looks meaningful to the analyzer only - confirm.
    response2.set_signed_cookie("C5", "", "world", None, None, "/", None, True) # OK

    # Flag passed through **kwargs.
    # NOTE(review): the dict key is the bare name `secure`, not the string
    # "secure"; the fixture is presumably parsed rather than executed.
    kwargs = {secure: True}
    response2.set_signed_cookie("C5", "world", **kwargs) # OK
    kwargs = {secure: False}
    response2.set_signed_cookie("C5", "world", **kwargs) # FN

    # Receiver is the result of a call not defined in this fixture; the line
    # carries no marker, so no finding is expected here even with secure=False.
    get_cookie().set_cookie("C3", "world", secure=False)

    # The remaining HttpResponse subclasses: one default-argument call each.
    response3 = HttpResponsePermanentRedirect()
    response3.set_cookie("C6", "world") # Noncompliant

    response4 = HttpResponseNotModified()
    response4.set_cookie("C7", "world") # Noncompliant

    response5 = HttpResponseBadRequest()
    response5.set_cookie("C8", "world") # Noncompliant

    response6 = HttpResponseNotFound()
    response6.set_cookie("C9", "world") # Noncompliant

    response7 = HttpResponseForbidden()
    response7.set_cookie("C10", "world") # Noncompliant

    response8 = HttpResponseNotAllowed()
    response8.set_cookie("C11", "world") # Noncompliant

    response9 = HttpResponseGone()
    response9.set_cookie("C12", "world") # Noncompliant

    response10 = HttpResponseServerError()
    response10.set_cookie("C13", "world") # Noncompliant
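def logout(request):
    """Mark the caller's session as ended and blank the ``userid`` cookie.

    Only POST is accepted. The user id is read from the ``userid`` POST field
    and the session id from the ``sessioncode`` cookie; the matching document
    in the ``sessions`` collection is updated to inactive.

    Returns:
        HttpResponseBadRequest for a non-POST request. Otherwise an
        HttpResponse whose body is "1" (update issued), "2" (``userid`` field
        or ``sessioncode`` cookie missing) or "0" (the update raised). All
        three of those replies overwrite the ``userid`` cookie with "".
    """
    def _reply(code):
        # NOTE(review): the cookie is written without secure/httponly, so the
        # browser will also accept and send it over plain HTTP. The
        # `sessioncode` cookie is not touched by this view at all; confirm it
        # is invalidated elsewhere or clear it here as well.
        response = HttpResponse(code)
        response.set_cookie('userid', "")
        return response

    if request.method != 'POST':
        # Illegal bad request...
        return HttpResponseBadRequest(err.ERR_INCORRECT_HTTP_METHOD)

    # `in` replaces dict.has_key(), which no longer exists on Python 3 dicts.
    if 'userid' not in request.POST:
        return _reply("2")
    userid = request.POST['userid']

    if 'sessioncode' not in request.COOKIES:
        return _reply("2")
    sessionid = request.COOKIES['sessioncode']

    db = utils.get_mongo_client()
    tbl = db["sessions"]
    try:
        timenow = datetime.datetime.now()
        dtimestr = timenow.strftime("%Y-%m-%d %H:%M:%S")
        if DEBUG:
            # NOTE(review): this writes the session identifier to stdout;
            # keep DEBUG off wherever stdout ends up in shared logs.
            print("UserId: " + userid + "\nSessionId: " + sessionid + "\nDatetimestring: " + dtimestr + "\n\n")
        # NOTE(review): the update result is not inspected, so "1" is
        # returned even when no session document matched - confirm intended.
        tbl.update_one(
            {'userid': userid, 'sessionid': sessionid},
            {
                "$set": {
                    'sessionactive': 0,
                    'sessionendtime': dtimestr,
                    'keeploggedin': 0,
                },
                "$currentDate": {"lastModified": True},
            },
        )
        return _reply("1")
    except Exception:
        # Narrowed from a bare `except:` so SystemExit and KeyboardInterrupt
        # are no longer swallowed; every ordinary error still yields "0".
        return _reply("0")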