Type: Security Hotspot Detection
Message: Make sure that this http request is sent safely.
Irrelevant for Languages: CSS, HTML, XML
Analysis Scope: Main Sources
Sending HTTP requests is security-sensitive. It has led in the past to the following vulnerabilities:
An HTTP request is exposed to several kinds of risk:
- it sends data which might be intercepted in transit or which might be dangerous to the recipient.
- it receives a response which might have been crafted by an attacker.
- as each request opens a socket and triggers processing for both the sender and the recipient, sending too many requests can exhaust resources on either side.
This rule flags code that initiates an HTTP request. The goal is to guide security code reviews.
Ask yourself whether:
- the HTTP connection is encrypted or not.
- the recipient is not allowed to receive some of the data you send.
- the data sent might be dangerous (for example, it contains unvalidated user input).
- an uncontrolled number of requests might be sent. For example, a request might be sent every time a user performs an action, and that action is not rate-limited.
You are at risk if you answered yes to any of those questions.
Recommended secure coding practices:
- First, it is important to encrypt all HTTP connections if there is any chance of them being eavesdropped. Use HTTPS whenever possible.
- Ensure that you control the URIs you send requests to and the number of requests you send. Your software could otherwise be used to attack other services.
- Avoid sending sensitive information, be it in the URL, headers or body. If part of the data comes from an untrusted source, such as user input, sanitize it beforehand.
- Validate and sanitize the response before using it in any way.
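As an added example (not part of the rule text or of any Sonar code), the Python helpers below enforce those practices at the two points a reviewer looks at: where the request URL is built and where the response is consumed. The host allowlist, the rate-limit values and the sample inputs are constructed for illustration.

```python
import json
import time
from urllib.parse import quote, urlsplit, urlunsplit


class RequestPolicyError(ValueError):
    """Raised when an outbound request or its response violates the policy."""

class RateLimiter:
    """Token bucket: at most `capacity` requests per `period` seconds (constructed helper)."""

    def __init__(self, capacity: int, period: float, clock=time.monotonic):
        self.capacity, self.period, self.clock = capacity, period, clock
        self.tokens, self.last = float(capacity), clock()

    def allow(self) -> bool:
        now = self.clock()
        self.tokens = min(self.capacity, self.tokens + (now - self.last) * self.capacity / self.period)
        self.last = now
        if self.tokens < 1:
            return False
        self.tokens -= 1
        return True

def build_safe_url(base: str, user_segment: str, allowed_hosts: frozenset, limiter: RateLimiter) -> str:
    """Return the URL to send to, or raise RequestPolicyError.
    Enforces HTTPS only, an allowlisted destination host, user input confined to one
    percent-encoded path segment, and a per-process request budget."""
    parts = urlsplit(base)
    if parts.scheme != "https":
        raise RequestPolicyError("plaintext HTTP is not allowed")
    # .hostname ignores userinfo, so "https://good@evil.example/" is checked as evil.example
    if parts.hostname not in allowed_hosts:
        raise RequestPolicyError(f"host {parts.hostname!r} is not an approved destination")
    # safe="" also encodes "/", "?" and "#", so the input cannot escape its path segment
    path = parts.path.rstrip("/") + "/" + quote(user_segment, safe="")
    if not limiter.allow():
        raise RequestPolicyError("outbound request budget exhausted")
    return urlunsplit((parts.scheme, parts.netloc, path, parts.query, ""))

def parse_json_response(content_type: str, body: bytes, max_bytes: int = 1 << 20) -> dict:
    """Validate a response before trusting it: size cap, declared media type, JSON object on top."""
    if len(body) > max_bytes:
        raise RequestPolicyError("response larger than allowed")
    if content_type.split(";")[0].strip().lower() != "application/json":
        raise RequestPolicyError(f"unexpected content type {content_type!r}")
    data = json.loads(body.decode("utf-8"))
    if not isinstance(data, dict):
        raise RequestPolicyError("response is not a JSON object")
    return data
```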