def django_tests():
from django.http import HttpResponse
from django.http import HttpResponseRedirect, HttpResponsePermanentRedirect, HttpResponseBadRequest, HttpResponseNotModified, HttpResponseNotFound, HttpResponseForbidden, HttpResponseNotAllowed, HttpResponseGone, HttpResponseServerError
response = HttpResponse()
response.set_cookie("C1", "world") # Noncompliant
response.set_cookie("C2", "world", secure=None) # Noncompliant
response.set_cookie("C3", "world", secure=False) # Noncompliant
response.set_cookie("C4", "world", secure=True)
response2 = HttpResponseRedirect()
response2.set_cookie("C5", "world") # Noncompliant
response2.set_cookie("C5", "world", None, None, "/", None, True) # OK
response2.set_signed_cookie("C5", "world") # Noncompliant
response2.set_signed_cookie("C5", "world", secure=True) # OK
response2.set_signed_cookie("C5", "world", other=False, secure=True) # OK
response2.set_signed_cookie("C5", "world", secure=False) # Noncompliant
response2.set_signed_cookie("C5", "world", secure=None) # Noncompliant
response2.set_signed_cookie("C5", "", "world", None, None, "/", None,
True) # OK
kwargs = {secure: True}
response2.set_signed_cookie("C5", "world", **kwargs) # OK
kwargs = {secure: False}
response2.set_signed_cookie("C5", "world", **kwargs) # FN
get_cookie().set_cookie("C3", "world", secure=False)
response3 = HttpResponsePermanentRedirect()
response3.set_cookie("C6", "world") # Noncompliant
response4 = HttpResponseNotModified()
response4.set_cookie("C7", "world") # Noncompliant
response5 = HttpResponseBadRequest()
response5.set_cookie("C8", "world") # Noncompliant
response6 = HttpResponseNotFound()
response6.set_cookie("C9", "world") # Noncompliant
response7 = HttpResponseForbidden()
response7.set_cookie("C10", "world") # Noncompliant
response8 = HttpResponseNotAllowed()
response8.set_cookie("C11", "world") # Noncompliant
response9 = HttpResponseGone()
response9.set_cookie("C12", "world") # Noncompliant
response10 = HttpResponseServerError()
response10.set_cookie("C13", "world") # Noncompliant
def logout(request):
if request.method != 'POST': # Illegal bad request...
message = err.ERR_INCORRECT_HTTP_METHOD
response = HttpResponseBadRequest(message)
return response
if request.POST.has_key('userid'):
userid = request.POST['userid']
else:
response = HttpResponse("2")
response.set_cookie('userid', "")
return response
if request.COOKIES.has_key('sessioncode'):
sessionid = request.COOKIES['sessioncode']
else:
response = HttpResponse("2")
response.set_cookie('userid', "")
return response
db = utils.get_mongo_client()
tbl = db["sessions"]
try:
timenow = datetime.datetime.now()
dtimestr = timenow.strftime("%Y-%m-%d %H:%M:%S")
if DEBUG:
print "UserId: " + userid + "\nSessionId: " + sessionid + "\nDatetimestring: " + dtimestr + "\n\n"
tbl.update_one({
'userid': userid,
'sessionid': sessionid
}, {
"$set": {
'sessionactive': 0,
'sessionendtime': dtimestr,
'keeploggedin': 0
},
"$currentDate": {
"lastModified": True
}
})
response = HttpResponse("1")
response.set_cookie('userid', "")
return response
except:
response = HttpResponse("0")
response.set_cookie('userid', "")
return response
