rspec/rules/S5144/description.adoc

User-supplied data, such as URL parameters, POST data payloads, or cookies, should always be considered untrusted and tainted. Performing requests from user-controlled data could allow attackers to make arbitrary requests on the internal network or to change their original meaning and thus to retrieve or delete sensitive information.


The problem could be mitigated in any of the following ways:

* Validate the user-provided data, such as the URL and headers, used to construct the request.
* Redesign the application to not send requests based on user-provided data.
Modify Rules: Multiple typo on missing hyphens (#660) 2021-12-13 16:18:55 +01:00			`User-supplied data, such as URL parameters, POST data payloads, or cookies, should always be considered untrusted and tainted. Performing requests from user-controlled data could allow attackers to make arbitrary requests on the internal network or to change their original meaning and thus to retrieve or delete sensitive information.`
Add rules 5000-5999 2020-06-30 12:50:28 +02:00
Force linebreaks 2021-02-02 15:02:10 +01:00
Add rules 5000-5999 2020-06-30 12:50:28 +02:00			`The problem could be mitigated in any of the following ways:`
Fix code block ambiguity with old header style Ensure blank line before list and clean the one leading space 2020-06-30 14:49:38 +02:00
Modify Rules: Multiple typo on missing hyphens (#660) 2021-12-13 16:18:55 +01:00			`* Validate the user-provided data, such as the URL and headers, used to construct the request.`
			`* Redesign the application to not send requests based on user-provided data.`