UNPKG

@microsoft/eslint-plugin-sdl

Version:

ESLint plugin focused on common security issues and misconfigurations discoverable during static testing as part of Microsoft Security Development Lifecycle (SDL)

github.com/microsoft/eslint-plugin-sdl

microsoft/eslint-plugin-sdl

14 lines (7 loc) 555 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
# Do not use HTTP cookies in modern applications (no-cookies) HTTP cookies are an old client-side storage mechanism with inherent risks and limitations. Use Web Storage, IndexedDB or other modern methods instead. Cookies should be used only in rare and justifiable cases after thorough security review. ## Further Reading - [Using HTTP cookies](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies) ## Related Rules - [tslint-microsoft-contrib/no-cookies](https://github.com/microsoft/tslint-microsoft-contrib/blob/master/src/noCookiesRule.ts)