From 5a224ee0c92d1639395d6a0c629316ae64226125 Mon Sep 17 00:00:00 2001
From: xXx-caillou-xXx
Date: Fri, 24 Nov 2017 14:03:37 +0100
Subject: Implement anti csrf measures

This is done by using the "samesite" cookie attribute.
---
 src/tests/config/broken_conf_cookie_action.ini | 1 +
 src/tests/config/broken_conf_cookie_samesite.ini | 1 +
 src/tests/config/broken_conf_line_empty_string.ini | 2 +-
 src/tests/config/broken_conf_line_no_closing.ini | 2 +-
 src/tests/config/broken_conf_lots_of_quotes.ini | 2 +-
 src/tests/config/broken_conf_wrong_quotes.ini | 2 +-
 src/tests/config/config_encrypted_cookies.ini | 2 +-
 src/tests/config/config_encrypted_cookies_empty_env.ini | 2 +-
 src/tests/config/config_encrypted_cookies_noname.ini | 2 +-
 src/tests/config/config_samesite_cookies.ini | 5 +++++
 src/tests/config/encrypt_cookies_no_env.ini | 2 +-
 src/tests/config/encrypt_cookies_no_key.ini | 2 +-
 12 files changed, 16 insertions(+), 9 deletions(-)
 create mode 100644 src/tests/config/broken_conf_cookie_action.ini
 create mode 100644 src/tests/config/broken_conf_cookie_samesite.ini
 create mode 100644 src/tests/config/config_samesite_cookies.ini
(limited to 'src/tests/config')
diff --git a/src/tests/config/broken_conf_cookie_action.ini b/src/tests/config/broken_conf_cookie_action.ini
new file mode 100644
index 0000000..5f07c28
--- /dev/null
+++ b/src/tests/config/broken_conf_cookie_action.ini
@@ -0,0 +1 @@
+sp.cookie.name("my_cookie_name");
diff --git a/src/tests/config/broken_conf_cookie_samesite.ini b/src/tests/config/broken_conf_cookie_samesite.ini
new file mode 100644
index 0000000..acc4aa0
--- /dev/null
+++ b/src/tests/config/broken_conf_cookie_samesite.ini
@@ -0,0 +1 @@
+sp.cookie.name("my_cookie_name").samesite("nop");
diff --git a/src/tests/config/broken_conf_line_empty_string.ini b/src/tests/config/broken_conf_line_empty_string.ini
index c130384..dfa5520 100644
--- a/src/tests/config/broken_conf_line_empty_string.ini
+++ b/src/tests/config/broken_conf_line_empty_string.ini
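Review bot: broken_conf_cookie_samesite.ini is the only negative fixture for the new samesite directive and it covers just the nonsense value `"nop"`; the empty value `sp.cookie.name("my_cookie_name").samesite("");` is not exercised, although this same commit keeps an empty-name case in config_encrypted_cookies_noname.ini. Because the positive fixture later in the patch accepts `"Lax"`, `"strict"` and `"STRICT"`, the boundary between accepted spellings and rejected ones is worth pinning with one more broken_conf file, for example a value with surrounding whitespace. broken_conf_cookie_action.ini pins that a bare `sp.cookie.name(...)` with no action is rejected, which is the safer default for an anti-CSRF setting, since a cookie accepted with no action would carry no samesite attribute at all.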
@@ -1 +1 @@
-sp.cookie_encryption.cookie(
+sp.cookie.name(
diff --git a/src/tests/config/broken_conf_line_no_closing.ini b/src/tests/config/broken_conf_line_no_closing.ini
index 24dc3f0..6a8c922 100644
--- a/src/tests/config/broken_conf_line_no_closing.ini
+++ b/src/tests/config/broken_conf_line_no_closing.ini
@@ -1 +1 @@
-sp.cookie_encryption.cookie("123"
+sp.cookie.name("123"
diff --git a/src/tests/config/broken_conf_lots_of_quotes.ini b/src/tests/config/broken_conf_lots_of_quotes.ini
index 310bce5..189a10d 100644
--- a/src/tests/config/broken_conf_lots_of_quotes.ini
+++ b/src/tests/config/broken_conf_lots_of_quotes.ini
@@ -1 +1 @@
-sp.cookie_encryption.cookie("this\"is a weird\"\"\"cookie\"name"");
+sp.cookie.name("this\"is a weird\"\"\"cookie\"name"");
diff --git a/src/tests/config/broken_conf_wrong_quotes.ini b/src/tests/config/broken_conf_wrong_quotes.ini
index 1c13e96..ff41f93 100644
--- a/src/tests/config/broken_conf_wrong_quotes.ini
+++ b/src/tests/config/broken_conf_wrong_quotes.ini
@@ -1 +1 @@
-sp.cookie_encryption.cookie("\)
+sp.cookie.name("\)
diff --git a/src/tests/config/config_encrypted_cookies.ini b/src/tests/config/config_encrypted_cookies.ini
index 977d27f..4b50440 100644
--- a/src/tests/config/config_encrypted_cookies.ini
+++ b/src/tests/config/config_encrypted_cookies.ini
@@ -1,3 +1,3 @@
 sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
-sp.cookie_encryption.cookie("super_cookie");
+sp.cookie.name("super_cookie").encrypt();
 sp.auto_cookie_secure.enable();
diff --git a/src/tests/config/config_encrypted_cookies_empty_env.ini b/src/tests/config/config_encrypted_cookies_empty_env.ini
index ac1f840..8c7c779 100644
--- a/src/tests/config/config_encrypted_cookies_empty_env.ini
+++ b/src/tests/config/config_encrypted_cookies_empty_env.ini
@@ -1,2 +1,2 @@
 sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
-sp.cookie_encryption.cookie("super_cookie");
+sp.cookie.name("super_cookie").encrypt();
diff --git a/src/tests/config/config_encrypted_cookies_noname.ini b/src/tests/config/config_encrypted_cookies_noname.ini
index 27773e3..048e404 100644
--- a/src/tests/config/config_encrypted_cookies_noname.ini
+++ b/src/tests/config/config_encrypted_cookies_noname.ini
@@ -1,3 +1,3 @@
 sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
-sp.cookie_encryption.cookie("");
+sp.cookie.name("").encrypt();
 sp.auto_cookie_secure.enable();
diff --git a/src/tests/config/config_samesite_cookies.ini b/src/tests/config/config_samesite_cookies.ini
new file mode 100644
index 0000000..9fb5f25
--- /dev/null
+++ b/src/tests/config/config_samesite_cookies.ini
@@ -0,0 +1,5 @@
+sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.cookie.name("super_cookie").samesite("Lax");
+sp.cookie.name("awful_cookie").samesite("strict").encrypt();
+sp.cookie.name("nice_cookie").samesite("STRICT");
+sp.auto_cookie_secure.enable();
diff --git a/src/tests/config/encrypt_cookies_no_env.ini b/src/tests/config/encrypt_cookies_no_env.ini
index 9e1c025..845bd02 100644
--- a/src/tests/config/encrypt_cookies_no_env.ini
+++ b/src/tests/config/encrypt_cookies_no_env.ini
@@ -1,2 +1,2 @@
 sp.global.secret_key("abcdef");
-sp.cookie_encryption.cookie("super_cookie");
+sp.cookie.name("super_cookie").encrypt();
diff --git a/src/tests/config/encrypt_cookies_no_key.ini b/src/tests/config/encrypt_cookies_no_key.ini
index 1b5cf83..a585e12 100644
--- a/src/tests/config/encrypt_cookies_no_key.ini
+++ b/src/tests/config/encrypt_cookies_no_key.ini
@@ -1,2 +1,2 @@
 sp.global.cookie_env_var("TEST");
-sp.cookie_encryption.cookie("super_cookie");
+sp.cookie.name("super_cookie").encrypt();
-- 
cgit v1.3
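Review bot: In config_samesite_cookies.ini only `awful_cookie` combines `.samesite(...)` with `.encrypt()`, and only in that order, so a parser that treats the chained directives as order-sensitive would pass this fixture while rejecting `.encrypt().samesite("Lax")`. If order independence is intended, add a line such as `sp.cookie.name("other_cookie").encrypt().samesite("Lax");`; if it is not, the rejected order deserves its own broken_conf fixture next to broken_conf_cookie_samesite.ini. The mixed casing `"Lax"`, `"strict"` and `"STRICT"` appears to pin case-insensitive matching of the attribute value, which is worth stating in the test that loads this file, since the config format gives no obvious place for a comment.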