fluidasserts.format.cookie module

This module allows to check Cookies vulnerabilities.

fluidasserts.format.cookie.has_not_httponly_in_cookiejar(cookie_name, cookie_jar, *args, **kwargs)

Check if the cookie in the cookie_jar has the httponly attribute.

Parameters
  • cookie_name (str) – Name of the cookie to test.

  • cookie_jar (dict) – Dict-like collection of cookies as returned by requests.cookies.

  • *args – Optional positional arguments for HTTPSession.

  • **kwargs – Optional keyword arguments for HTTPSession.

Return type

bool

fluidasserts.format.cookie.has_not_httponly_set(cookie_name, url, *args, **kwargs)

Check if the cookie in the url has the httponly attribute.

Parameters
  • cookie_name (str) – Name of the cookie to test.

  • url (str) – URL to get cookies.

  • *args – Optional positional arguments for HTTPSession.

  • **kwargs – Optional keyword arguments for HTTPSession.

Return type

bool

fluidasserts.format.cookie.has_not_samesite_in_cookiejar(cookie_name, cookie_jar, *args, **kwargs)

Check if the cookie in the cookie_jar has the samesite attribute.

Parameters
  • cookie_name (str) – Name of the cookie to test.

  • cookie_jar (dict) – Dict-like collection of cookies as returned by requests.cookies.

  • *args – Optional positional arguments for HTTPSession.

  • **kwargs – Optional keyword arguments for HTTPSession.

Return type

bool

fluidasserts.format.cookie.has_not_samesite_set(cookie_name, url, *args, **kwargs)

Check if the cookie in the url has the samesite attribute.

Parameters
  • cookie_name (str) – Name of the cookie to test.

  • url (str) – URL to get cookies.

  • *args – Optional positional arguments for HTTPSession.

  • **kwargs – Optional keyword arguments for HTTPSession.

Return type

bool

fluidasserts.format.cookie.has_not_secure_in_cookiejar(cookie_name, cookie_jar, *args, **kwargs)

Check if the cookie in the cookie_jar has the secure attribute.

Parameters
  • cookie_name (str) – Name of the cookie to test.

  • cookie_jar (dict) – Dict-like collection of cookies as returned by requests.cookies.

  • *args – Optional positional arguments for HTTPSession.

  • **kwargs – Optional keyword arguments for HTTPSession.

Return type

bool

fluidasserts.format.cookie.has_not_secure_set(cookie_name, url, *args, **kwargs)

Check if the cookie in the url has the secure attribute.

Parameters
  • cookie_name (str) – Name of the cookie to test.

  • url (str) – URL to get cookies.

  • *args – Optional positional arguments for HTTPSession.

  • **kwargs – Optional keyword arguments for HTTPSession.

Return type

bool