gitlab.security_code_scan.SCS0019-1

unknown
Download Count*
MIT
License

Having the annotation [OutputCache] will disable the annotation [Authorize] for the requests following the first one.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit RuleView Source
Open in Playground 
rules:
  - id: security_code_scan.SCS0019-1
    patterns:
      - pattern-inside: |
          [Authorize]
          public class $CLZ {
            ...
          }
      - pattern: |
          [OutputCache]
          public $RET $FOO(...)
          {
            ...
          }
    message: >
      Having the annotation [OutputCache] will disable the annotation
      [Authorize] for

      the requests following the first one.
    languages:
      - csharp
    severity: INFO
    metadata:
      category: security
      cwe: "CWE-524: Use of Cache Containing Sensitive Information"
      license: MIT