From 3ce547a0b253cfdac193b75753fbe378363b412b Mon Sep 17 00:00:00 2001
From: Jonathan Hodgson
Date: Wed, 2 Dec 2020 10:54:10 +0000
Subject: [PATCH] BIN: Analyse-headers: Adds to description for cookie flag
---
 bin/.bin/webtest/analyse-headers | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/bin/.bin/webtest/analyse-headers b/bin/.bin/webtest/analyse-headers
index fed1cc52..97ff84e7 100755
--- a/bin/.bin/webtest/analyse-headers
+++ b/bin/.bin/webtest/analyse-headers
@@ -255,7 +255,8 @@ sent over unencrypted channels\n\n"
 fi
 if ! echo "$value" | grep -q "SameSite=Strict"; then
- output+="SameSite controls whether a cookie is sent with cross-origin requests, \
+ output+="The SameSite flag isn't set to Strict. The SameSite flag \
+controls whether a cookie is sent with cross-origin requests, \
 providing some protection against cross-site request forgery attacks. Strict means the browser sends the cookie only for same-site requests\n\n"
 ret=$((ret>1 ? ret : 1))
@@ -402,6 +403,7 @@ echo "$missingHeaders" | while read line; do
 "$functionName" >> "$tmpfile"
 done
+echo ""
 cat "$tmpfile"
 rm "$tmpfile"
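Review bot: The new sentence "The SameSite flag isn't set to Strict" in the first hunk is now stated as a finding, but the guard on the context line just above it, `grep -q "SameSite=Strict"`, is case-sensitive, while browsers match cookie attribute names and values case-insensitively. A header carrying `samesite=strict` would therefore be reported as not Strict; `if ! echo "$value" | grep -qi "SameSite=Strict"; then` keeps the report accurate. The added text also keeps "cross-origin requests", whereas SameSite is evaluated per site rather than per origin, so "cross-site requests" would be more precise in a report handed to a client. The enclosing function starts and ends outside the hunk, so how `$value` is populated cannot be checked from here.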