ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S6688/secrets/rule.adoc
Loris S 1f304e54ca
Create Shared content: Make impacts consistents across messenger secrets (#2950) 
## Review

A dedicated reviewer checked the rule description successfully for:

- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)

---------

Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>
2023-08-24 14:27:22 +02:00

58 lines
1.4 KiB
Plaintext
Raw Blame History

include::../../../shared_content/secrets/description.adoc[]
== Why is this an issue?
include::../../../shared_content/secrets/rationale.adoc[]
=== What is the potential impact?
A Facebook application secret key is a unique authentication token assigned to
a Facebook application. It is used to authenticate and authorize the
application to access Facebook's APIs and services, such as:
* retrieving user data
* posting on behalf of users
* accessing various Facebook features
Below are some real-world scenarios that illustrate some impacts of an attacker
exploiting the secret.
include::../../../shared_content/secrets/impact/personal_data_compromise.adoc[]
:secret_type: secret
include::../../../shared_content/secrets/impact/phishing.adoc[]
include::../../../shared_content/secrets/impact/malware_distribution.adoc[]
== How to fix it
include::../../../shared_content/secrets/fix/revoke.adoc[]
include::../../../shared_content/secrets/fix/vault.adoc[]
=== Code examples
:example_secret: a569a8eee3802560e1416edbc4ee119d
:example_name: facebook_secret
:example_env: FACEBOOK_SECRET
include::../../../shared_content/secrets/examples.adoc[]
//=== How does this work?
//=== Pitfalls
//=== Going the extra mile
== Resources
include::../../../shared_content/secrets/resources/standards.adoc[]
=== Documentation
* Facebook documentation - https://developers.facebook.com/docs/facebook-login/security[Login Security]
//=== Benchmarks
Reference in New Issue View Git Blame Copy Permalink