SonarCloud fixes

AvnerCohen · Nov 22, 2021 · 98a56e5 · 98a56e5
1 parent 5ab9747
commit 98a56e5
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 7 deletions.
diff --git a/exe/http-headers-verifier.rb b/exe/http-headers-verifier.rb
@@ -9,6 +9,7 @@
 
 FILE_NAME_PREFIX = 'headers-rules-'
 HTTP_TIMEOUT_IN_SECONDS = 3
+SET_COOKIE_NAME = 'set-cookie'
 
 if ARGV.length != 3 && ARGV.length != 2
     puts "usage: http-headers-verifier.rb [comma seperated policy names] [url] [?verbose]"
@@ -40,15 +41,15 @@ def verify_headers!(actual_headers, rules)
     actual_headers.each do |expected_pair|
         actual_header, actual_value = expected_pair[0]
         next if checked_already.include? actual_header
-        next if actual_header.downcase ==  'set-cookie'
+        next if actual_header.downcase ==  SET_COOKIE_NAME
         actual_value = actual_headers[actual_header]
         actual_header_errors = HttpHeadersValidations.assert_extra_header(actual_header, actual_value,
                                       rules[:ignored_headers], rules[:headers_to_avoid])
         errors.push(actual_header_errors)  unless actual_header_errors.nil?
     end
 
-    unless actual_headers["set-cookie"].nil?
-        [actual_headers["set-cookie"]].flatten.each do |cookie_str|
+    unless actual_headers[SET_COOKIE_NAME].nil?
+        [actual_headers[SET_COOKIE_NAME]].flatten.each do |cookie_str|
             parsed_cookie = NaiveCookie.new(cookie_str)
             error_text, failed = HttpHeadersValidations.assert_cookie_value(parsed_cookie, rules[:cookie_attr])
             errors.push(error_text) if failed

diff --git a/spec/http_headers_verifier/naive_cookie_spec.rb b/spec/http_headers_verifier/naive_cookie_spec.rb
@@ -2,6 +2,9 @@
 
 require './lib/naive_cookie'
 
+SAME_SITE_CONFIG = 'test_cookie_name=session_value_here; path=/; expires=Tue, 11 Aug 2020 07:17:12 GMT; Secure; HttpOnly; SameSite=Lax'
+
+
 describe NaiveCookie do
 
     describe "NaiveCookie.secure?" do
@@ -11,13 +14,13 @@
             expect(parsed_cookie.secure?).to eq(false)
         end
         it "should mark cookie as secure if secure is present" do
-            cookie_str = "test_cookie_name=session_value_here; path=/; expires=Tue, 11 Aug 2020 07:17:12 GMT; Secure; HttpOnly; SameSite=Lax"
+            cookie_str = SAME_SITE_CONFIG
             parsed_cookie = NaiveCookie.new(cookie_str)
             expect(parsed_cookie.secure?).to eq(true)
 
         end
         it "should mark cookie as secure ignoring case" do
-            cookie_str = "test_cookie_name=session_value_here; path=/; expires=Tue, 11 Aug 2020 07:17:12 GMT; secure; HttpOnly; SameSite=Lax"
+            cookie_str = SAME_SITE_CONFIG
             parsed_cookie = NaiveCookie.new(cookie_str)
             expect(parsed_cookie.secure?).to eq(true)
 
@@ -31,7 +34,7 @@
             expect(parsed_cookie.http_only?).to eq(false)
         end
         it "should mark cookie as http_only if http_only is present" do
-            cookie_str = "test_cookie_name=session_value_here; path=/; expires=Tue, 11 Aug 2020 07:17:12 GMT; Secure; HttpOnly; SameSite=Lax"
+            cookie_str = SAME_SITE_CONFIG
             parsed_cookie = NaiveCookie.new(cookie_str)
             expect(parsed_cookie.http_only?).to eq(true)
 
@@ -51,7 +54,7 @@
             expect(parsed_cookie.same_site).to eq(nil)
         end
         it "should return SameSite config" do
-            cookie_str = "test_cookie_name=session_value_here; path=/; expires=Tue, 11 Aug 2020 07:17:12 GMT; Secure; HttpOnly; SameSite=Lax"
+            cookie_str = SAME_SITE_CONFIG
             parsed_cookie = NaiveCookie.new(cookie_str)
             expect(parsed_cookie.same_site).to eq("Lax")