56 lines
1.2 KiB
Plaintext
56 lines
1.2 KiB
Plaintext
include::../description.adoc[]
|
|
|
|
include::../ask-yourself.adoc[]
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
== Sensitive Code Example
|
|
|
|
----
|
|
$url = "http://example.com"; // Sensitive
|
|
$url = "ftp://anonymous@example.com"; // Sensitive
|
|
$url = "telnet://anonymous@example.com"; // Sensitive
|
|
|
|
$con = ftp_connect('example.com'); // Sensitive
|
|
|
|
$trans = (new Swift_SmtpTransport('XXX', 1234)); // Sensitive
|
|
|
|
$mailer = new PHPMailer(true); // Sensitive
|
|
|
|
define( 'FORCE_SSL_ADMIN', false); // Sensitive
|
|
define( 'FORCE_SSL_LOGIN', false); // Sensitive
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
----
|
|
$url = "https://example.com"; // Compliant
|
|
$url = "sftp://anonymous@example.com"; // Compliant
|
|
$url = "ssh://anonymous@example.com"; // Compliant
|
|
|
|
$con = ftp_ssl_connect('example.com'); // Compliant
|
|
|
|
$trans = (new Swift_SmtpTransport('smtp.example.org', 1234))
|
|
->setEncryption('tls') // Compliant
|
|
;
|
|
|
|
$mailer = new PHPMailer(true);
|
|
$mailer->SMTPSecure = 'tls'; // Compliant
|
|
|
|
define( 'FORCE_SSL_ADMIN', true); // Compliant
|
|
define( 'FORCE_SSL_LOGIN', true); // Compliant
|
|
----
|
|
|
|
include::../exceptions.adoc[]
|
|
|
|
include::../see.adoc[]
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
endif::env-github,rspecator-view[]
|