57 lines
1.6 KiB
Plaintext
57 lines
1.6 KiB
Plaintext
include::../description.adoc[]
|
|
|
|
include::../ask-yourself.adoc[]
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
== Sensitive Code Example
|
|
|
|
Builtin functions
|
|
|
|
----
|
|
function sendHttpRequest($url) {
|
|
// The following are sensitive when used with a hard coded http or https url. The limitation is to avoid False positives.
|
|
file_get_contents('https://example.com'); // Sensitive
|
|
fopen('http://example.com', 'r'); // Sensitive
|
|
readfile('http://example.com'); // Sensitive
|
|
copy('http://example.com', 'test.txt'); // Sensitive
|
|
file('http://example.com'); // Sensitive
|
|
|
|
// Some of these function also accept a context. When this context is an 'http' context. See above.
|
|
file_get_contents('http://example.com', false, $context); // Sensitive
|
|
fopen('http://example.com', 'r', false, $context); // Sensitive
|
|
file('http://example.com', 0, $context); // Sensitive
|
|
readfile('http://example.com', False, $context); // Sensitive
|
|
|
|
get_headers('http://example.com'); // Sensitive
|
|
get_meta_tags('http://example.com'); // Sensitive, when used with a hard coded http or https url. The limitation is to avoid False positives.
|
|
}
|
|
----
|
|
|
|
Curl functions
|
|
|
|
----
|
|
$url = 'http://example.com';
|
|
$ch = curl_init();
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
|
|
//Execute the request.
|
|
$data = curl_exec($ch); // Sensitive
|
|
curl_close($ch);
|
|
----
|
|
|
|
Guzzle
|
|
|
|
----
|
|
new GuzzleHttp\Client(); // Sensitive
|
|
----
|
|
|
|
PECL HTTP
|
|
|
|
----
|
|
new http\Client\Request('GET', 'http://example.com'); // Sensitive
|
|
----
|
|
|
|
include::../see.adoc[]
|