def run(self): policy = DefaultCookiePolicy() req = Request('https://example.com/anybad') if policy.path_return_ok('/any', req): self.exit_vulnerable() else: self.exit_fixed()