Modify rule S6287: Add FastAPI support (APPSEC-1252) (#3390)

docs/header_names/allowed_framework_names.adoc

@@ -99,6 +99,7 @@
 * pyDes
 * PyJWT
 * python-jwt
+* FastAPI
 * python-jose
 * ssl
 // Docker

rules/S6287/python/how-to-fix-it/fastapi.adoc

@@ -0,0 +1,39 @@
+== How to fix it in FastAPI
+
+=== Code examples
+
+include::../../common/fix/code-rationale.adoc[]
+
+==== Noncompliant code example
+
+[source,python,diff-id=11,diff-type=noncompliant]
+----
+from fastapi import APIRouter
+from fastapi.responses import Response, RedirectResponse
+from fastapi.requests import Request
+
+router = APIRouter()
+
+@router.get('/check-cookie')
+async def check_cookie(request: Request, response: Response, cookie: str | None = None):
+    if "session" not in request.cookies.keys():
+        response.set_cookie("session", cookie)  # Noncompliant
+----
+
+==== Compliant solution
+
+[source,python,diff-id=11,diff-type=compliant]
+----
+from fastapi import APIRouter
+from fastapi.responses import Response, RedirectResponse
+from fastapi.requests import Request
+
+router = APIRouter()
+
+@router.get('/check-cookie')
+async def check_cookie(request: Request):
+    if "session" not in request.cookies.keys():
+        return RedirectResponse("/getcookie")
+----
+
+include::../../common/fix/how-does-this-work.adoc[]

rules/S6287/python/rule.adoc

@@ -8,6 +8,8 @@ include::../impact.adoc[]
 
 include::how-to-fix-it/django.adoc[]
 
+include::how-to-fix-it/fastapi.adoc[]
+
 == Resources
 
 include::../common/resources/standards.adoc[]