rspec/rules/S5332/recommended.adoc

== Recommended Secure Coding Practices

* Use ``++ssh++`` as an alternative to ``++telnet++``
* Use ``++sftp++``, ``++scp++`` or ``++ftps++`` instead of ``++ftp++``
* Use ``++https++`` instead of ``++http++``
* Use ``++SMTP++`` over ``++SSL/TLS++`` or ``++SMTP++`` with ``++STARTTLS++`` instead of clear-text SMTP
* Configure your application to block mixed content when rendering web pages.

It is recommended to secure all transport channels (event local network) as it can take a single non secure connection to compromise an entire application or system.
Add rules 5000-5999 2020-06-30 12:50:28 +02:00			`== Recommended Secure Coding Practices`

make in-line code blocks verbatim 2021-01-27 13:42:22 +01:00			* Use ``++ssh++`` as an alternative to ``++telnet++``
			* Use ``++sftp++``, ``++scp++`` or ``++ftps++`` instead of ``++ftp++``
			* Use ``++https++`` instead of ``++http++``
			* Use ``++SMTP++`` over ``++SSL/TLS++`` or ``++SMTP++`` with ``++STARTTLS++`` instead of clear-text SMTP
Modify rule S5332[java]: support Android WebView insecure mixed content policy (#458) 2021-10-12 09:21:31 +02:00			`* Configure your application to block mixed content when rendering web pages.`
Add rules 5000-5999 2020-06-30 12:50:28 +02:00
			`It is recommended to secure all transport channels (event local network) as it can take a single non secure connection to compromise an entire application or system.`