ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5527/javascript/how-to-fix-it/node-js.adoc
Loris S c622e8e4d3
Modify S5527: Learn-As-You-Code migration (#2269) 
## Review

A dedicated reviewer checked the rule description successfully for:

- [x] logical errors and incorrect information
- [x] information gaps and missing content
- [x] text style and tone
- [x] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)

---------

Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
2023-06-28 17:11:41 +02:00

87 lines
1.6 KiB
Plaintext
Raw Blame History

== How to fix it in Node.js
=== Code examples
include::../../common/fix/code-rationale.adoc[]
:cert_method_name: checkServerIdentity
include::../../common/fix/code-rationale-override.adoc[]
==== Noncompliant code example
[source,javascript,diff-id=1,diff-type=noncompliant]
----
const https = require('node:https');
let options = {
hostname: 'www.example.com',
port: 443,
path: '/',
method: 'GET',
checkServerIdentity: function() {}, // Noncompliant
secureProtocol: 'TLSv1_2_method'
};
let req = https.request(options, (res) => {
res.on('data', (d) => {
process.stdout.write(d);
});
});
----
[source,javascript,diff-id=2,diff-type=noncompliant]
----
const tls = require('node:tls');
let options = {
checkServerIdentity: function() {}, // Noncompliant
secureProtocol: 'TLSv1_2_method'
};
let socket = tls.connect(443, "www.example.com", options, () => {
process.stdin.pipe(socket);
process.stdin.resume();
});
----
==== Compliant solution
[source,javascript,diff-id=1,diff-type=compliant]
----
const https = require('node:https');
let options = {
hostname: 'www.example.com',
port: 443,
path: '/',
method: 'GET',
secureProtocol: 'TLSv1_2_method'
};
let req = https.request(options, (res) => {
res.on('data', (d) => {
process.stdout.write(d);
});
});
----
[source,javascript,diff-id=2,diff-type=compliant]
----
const tls = require('node:tls');
let options = {
secureProtocol: 'TLSv1_2_method'
};
let socket = tls.connect(443, "www.example.com", options, () => {
process.stdin.pipe(socket);
process.stdin.resume();
});
----
=== How does this work?
include::../../common/fix/validation.adoc[]
Reference in New Issue View Git Blame Copy Permalink