ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5332/apex/rule.adoc
Egon Okerman d1417e82f8
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529) 
* Fix all CWE references

* Fix all OWASP references

* Fix missing CWE prefixes
2024-01-15 17:15:56 +01:00

52 lines
1.1 KiB
Plaintext
Raw Blame History

include::../description.adoc[]
include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
[source,apex]
----
public class MyClient {
public void SendRequest(){
HttpRequest req = new HttpRequest();
req.setEndpoint('http://example.com'); // Sensitive
// ...
}
}
----
== Compliant Solution
[source,apex]
----
public class MyClient {
public void SendRequest(){
HttpRequest req = new HttpRequest();
req.setEndpoint('https://example.com');
// ...
}
}
----
include::../exceptions.adoc[]
== See
* OWASP - https://owasp.org/Top10/A02_2021-Cryptographic_Failures/[Top 10 2021 Category A2 - Cryptographic Failures]
* OWASP - https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure[Top 10 2017 Category A3 - Sensitive Data Exposure]
* CWE - https://cwe.mitre.org/data/definitions/200[CWE-200 - Information Exposure]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
=== Message
Replace this http request with an https equivalent.
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink