16f6c0aecf
Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in.
54 lines
1004 B
Plaintext
54 lines
1004 B
Plaintext
== Why is this an issue?
|
|
|
|
include::../description.adoc[]
|
|
|
|
=== Noncompliant code example
|
|
|
|
[source,xml]
|
|
----
|
|
// in web.xml
|
|
<web-app ...>
|
|
<!-- ... -->
|
|
<login-config>
|
|
<auth-method>BASIC</auth-method>
|
|
</login-config>
|
|
</web-app>
|
|
----
|
|
|
|
=== Exceptions
|
|
|
|
The rule will not raise any issue if HTTPS is enabled, on any URL-pattern.
|
|
|
|
[source,xml]
|
|
----
|
|
<web-app ...>
|
|
<!-- ... -->
|
|
<security-constraint>
|
|
<web-resource-collection>
|
|
<web-resource-name>HTTPS enabled</web-resource-name>
|
|
<url-pattern>/*</url-pattern>
|
|
</web-resource-collection>
|
|
<user-data-constraint>
|
|
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
|
</user-data-constraint>
|
|
</security-constraint>
|
|
</web-app>
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|