rspec/rules/S4423/javascript/rule.adoc

include::../description.adoc[]

== Noncompliant Code Example

https://nodejs.org/api/https.html[https] built-in module:
----
let options = {
  hostname: 'www.example.com',
  port: 443,
  path: '/',
  method: 'GET',
  secureProtocol: 'TLSv1_method' // Noncompliant: TLS1.0 is insecure
};

let req = https.request(options, (res) => {
  console.log('statusCode:', res.statusCode);
  console.log('headers:', res.headers);

  res.on('data', (d) => {
    process.stdout.write(d);
  });
});  // Noncompliant
----

https://nodejs.org/api/tls.html[tls] built-in module:
----
let options = {
  secureProtocol: 'TLSv1_method' Noncompliant: TLS1.0 is insecure
};

let socket = tls.connect(443, "www.example.com", options, () => {
  console.log('client connected',
              socket.authorized ? 'authorized' : 'unauthorized');
});  // Noncompliant
----

https://www.npmjs.com/package/request[request] module:
----
let socket = request.get({
    url: 'https://www.example.com/',
    secureProtocol: 'TLSv1_method' // Noncompliant: TLS 1.0 is insecure
});
----

== Compliant Solution

https://nodejs.org/api/https.html[https] built-in module:
----
let options = {
  hostname: 'www.example.com',
  port: 443,
  path: '/',
  method: 'GET',
  secureProtocol: 'TLSv1_2_method'
};

let req = https.request(options, (res) => {
  console.log('statusCode:', res.statusCode);
  console.log('headers:', res.headers);

  res.on('data', (d) => {
    process.stdout.write(d);
  });
});  // Compliant
----


https://nodejs.org/api/tls.html[tls] built-in module:
----
let options = {
  secureProtocol: 'TLSv1_2_method'
};

let socket = tls.connect(443, "www.example.com", options, () => {
  console.log('client connected',
              socket.authorized ? 'authorized' : 'unauthorized');
}); 
----

https://www.npmjs.com/package/request[request] module:
----
let socket = request.get({
    url: 'https://www.example.com/',
    secureProtocol: 'TLSv1_2_method' // Compliant
});
----

include::../see.adoc[]