rspec/rules/S4502/ask-yourself.adoc

== Ask Yourself Whether

* The web application uses cookies to authenticate users.
* There exist sensitive operations in the web application that can be performed when the user is authenticated.
* The state / resources of the web application can be modified by doing HTTP POST or HTTP DELETE requests for example.

There is a risk if you answered yes to any of those questions.
Add missing rules because of approximative section names 2020-06-30 14:41:58 +02:00			`== Ask Yourself Whether`

Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`* The web application uses cookies to authenticate users.`
			`* There exist sensitive operations in the web application that can be performed when the user is authenticated.`
			`* The state / resources of the web application can be modified by doing HTTP POST or HTTP DELETE requests for example.`
Add missing rules because of approximative section names 2020-06-30 14:41:58 +02:00
			`There is a risk if you answered yes to any of those questions.`