rspec/rules/S4825/recommended.adoc

== Recommended Secure Coding Practices

* First, it is important to encrypt all HTTP connection if there is any chance for them to be eavesdropped. Use HTTPS whenever possible.
* Ensure that you control the URIs you send requests to and the number or requests you send. Your software could otherwise be used to attack other services.
* Avoid sending sensitive information, be it in the URL, header or body. If part of the data comes from an untrusted source, such as a user input, sanitize it beforehand.
* Validate and sanitize the response before using it in any way.
Add rules 4000-4999 2020-06-30 12:49:37 +02:00			`== Recommended Secure Coding Practices`

			`* First, it is important to encrypt all HTTP connection if there is any chance for them to be eavesdropped. Use HTTPS whenever possible.`
			`* Ensure that you control the URIs you send requests to and the number or requests you send. Your software could otherwise be used to attack other services.`
			`* Avoid sending sensitive information, be it in the URL, header or body. If part of the data comes from an untrusted source, such as a user input, sanitize it beforehand.`
			`* Validate and sanitize the response before using it in any way.`