ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S2647/common/fix/ssl.adoc
Egon Okerman 0aa80c7af2
Modify rule S2647: Update to LaYC format (APPSEC-970) (#2917) 
## Review

A dedicated reviewer checked the rule description successfully for:

- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)
2023-09-05 13:46:16 +00:00

2 lines
489 B
Plaintext
Raw Blame History

==== SSL encryption for HTTP requests
With basic authentication, user credentials are transmitted in plain text, which makes them vulnerable to interception and eavesdropping. However, when HTTPS is employed, the data is encrypted before transmission, making it significantly more difficult for attackers to intercept and decipher the credentials. If no other form of authentication is possible for this code, then every request must be sent over HTTPS to ensure credentials are kept safe.
Reference in New Issue View Git Blame Copy Permalink