lib/brakeman/checks/check_session_settings.rb in brakeman-lib-3.7.2 vs lib/brakeman/checks/check_session_settings.rb in brakeman-lib-4.0.0
- old
+ new
@@ -135,29 +135,29 @@
def warn_about_http_only line, file
warn :warning_type => "Session Setting",
:warning_code => :http_cookies,
:message => "Session cookies should be set to HTTP only",
- :confidence => CONFIDENCE[:high],
+ :confidence => :high,
:line => line,
:file => file
end
def warn_about_secret_token line, file
warn :warning_type => "Session Setting",
:warning_code => :session_secret,
:message => "Session secret should not be included in version control",
- :confidence => CONFIDENCE[:high],
+ :confidence => :high,
:line => line,
:file => file
end
def warn_about_secure_only line, file
warn :warning_type => "Session Setting",
:warning_code => :secure_cookies,
:message => "Session cookie should be set to secure only",
- :confidence => CONFIDENCE[:high],
+ :confidence => :high,
:line => line,
:file => file
end
def ignored? file