File: add-secure-policy.xml

package info (click to toggle)
libowasp-esapi-java 2.1.0-3
  • links: PTS, VCS
  • area: main
  • in suites: buster, stretch
  • size: 7,480 kB
  • ctags: 4,161
  • sloc: java: 26,333; xml: 1,309; sh: 293; makefile: 4
file content (27 lines) | stat: -rw-r--r-- 627 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
<?xml version="1.0" encoding="UTF-8"?>

	<!--
	This test file exemplifies an add-secure-flag rule.

	Protection #1: Any cookie set by the application will have the secure flag set. This
	               should apply to the application session ID as well as any custom cookies.

	-->

<policy>

	<settings>
		<mode>redirect</mode>
		<error-handling>
			<default-redirect-page>/security/error.jsp</default-redirect-page>
			<block-status>403</block-status>
		</error-handling>
	</settings>
	
	<outbound-rules>
		<add-secure-flag>
			<cookie name=".*"/>
		</add-secure-flag>
	</outbound-rules>
	
</policy>