绿盟检测到目标URL存在客户端(JavaScript)Cookie引用

冷血雏风
768 阅读1分钟

1.代码中不使用cookie存储数据 2.去掉js-cookie依赖

npm uninstall js-cookie

3.在vue 构建项目中打包后依然发现有.cookie 导致扫描不通过 发现node_modules/axios/lib/helpers/cookies.js 手动去除该依赖中的cookie设置

'use strict';

var utils = require('./../utils');

module.exports = (
  utils.isStandardBrowserEnv() ?

  // Standard browser envs support document.cookie
  (function standardBrowserEnv() {
    return {
      write: function write(name, value, expires, path, domain, secure) {
        // var cookie = [];
        // cookie.push(name + '=' + encodeURIComponent(value));

        // if (utils.isNumber(expires)) {
        //   cookie.push('expires=' + new Date(expires).toGMTString());
        // }

        // if (utils.isString(path)) {
        //   cookie.push('path=' + path);
        // }

        // if (utils.isString(domain)) {
        //   cookie.push('domain=' + domain);
        // }

        // if (secure === true) {
        //   cookie.push('secure');
        // }

        // document.cookie = cookie.join('; ');
      },

      read: function read(name) {
        // var match = document.cookie.match(new RegExp('(^|;\\s*)(' + name + ')=([^;]*)'));
        // return (match ? decodeURIComponent(match[3]) : null);
        return null;
      },

      remove: function remove(name) {
        this.write(name, '', Date.now() - 86400000);
      }
    };
  })() :

  // Non standard browser env (web workers, react-native) lack needed support.
  (function nonStandardBrowserEnv() {
    return {
      write: function write() {},
      read: function read() { return null; },
      remove: function remove() {}
    };
  })()
);
avatar
文章
阅读
粉丝