include::../description.adoc[]

include::../ask-yourself.adoc[]

== Recommended Secure Coding Practices

Do not enable debugging features on production servers.

The ``++DEBUG++`` and ``++DUMP++`` statements can expose sensitive information to attackers and should not be included in production code.

== Sensitive Code Example

[source,rpg]
----
   H*------------------------------------------------------------------------- 
   H   DATEDIT(*YMD) DEBUG(*YES)                                               
   H**************************************************************************

   C     SR990         BegSR                                                                   
   C     'CVTERR'      DUMP                                                   DUMP for error
   C                   Move      *on           *INLR                                          
----

== Compliant Solution

[source,rpg]
----
   H*------------------------------------------------------------------------- 
   H   DATEDIT(*YMD) 
   H**************************************************************************

   C     SR990         BegSR                                                                   
   C                   Move      *on           *INLR                                          
----

include::../see.adoc[]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

=== Message

Make sure this debug clause is removed before delivering the code in production.


'''
== Comments And Links
(visible only on this page)

include::../comments-and-links.adoc[]

endif::env-github,rspecator-view[]