Modify rule S2092: Add FastAPI (APPSEC-1260) (#3391)

## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)
SonarSource · Nov 6, 2023 · 89b4a93 · 89b4a93
1 parent 6429a96
commit 89b4a93
Showing 1 changed file with 36 additions and 5 deletions.
diff --git a/rules/S2092/python/rule.adoc b/rules/S2092/python/rule.adoc
@@ -6,33 +6,64 @@ include::../recommended.adoc[]
 
 == Sensitive Code Example
 
-Flask
+Using Flask:
 
+[source,python,diff-id=11,diff-type=noncompliant]
 ----
 from flask import Response
 
 @app.route('/')
 def index():
     response = Response()
-    response.set_cookie('key', 'value') # Sensitive
+    response.set_cookie('key', 'value')  # Sensitive
     return response
 ----
 
+Using FastAPI:
+
+[source,python,diff-id=21,diff-type=noncompliant]
+----
+from fastapi import FastAPI, Response
+
+app = FastAPI()
+
+@app.get('/')
+async def index(response: Response):
+    response.set_cookie('key', 'value')  # Sensitive
+    return {"message": "Hello world!"}
+----
+
+
 == Compliant Solution
 
-Flask
+Using Flask:
 
-[source,python]
+[source,python,diff-id=11,diff-type=compliant]
 ----
 from flask import Response
 
 @app.route('/')
 def index():
     response = Response()
-    response.set_cookie('key', 'value', secure=True) # Compliant
+    response.set_cookie('key', 'value', secure=True)
     return response
 ----
 
+Using FastAPI:
+
+[source,python,diff-id=21,diff-type=compliant]
+----
+from fastapi import FastAPI, Response
+
+app = FastAPI()
+
+@app.get('/')
+async def index(response: Response):
+    response.set_cookie('key', 'value', secure=True)
+    return {"message": "Hello world!"}
+----
+
+
 include::../see.adoc[]
 
 ifdef::env-github,rspecator-view[]