Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
      None
    • Message:
      Replace this http request with an https equivalent.
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity

      Description

      Sending request using HTTP protocol exposes every sensitive information to an attacker. The HTTPS protocol should be used instead.

      This rule flags code sending HTTP requests to an "http" endpoint instead of an "https" one.

      Noncompliant Code Example

      public class MyClient {
          public void SendRequest(){
              HttpRequest req = new HttpRequest();
              req.setEndpoint('http://example.com');  // Noncompliant
              // ...
          }
      }
      

      Compliant Solution

      public class MyClient {
          public void SendRequest(){
              HttpRequest req = new HttpRequest();
              req.setEndpoint('https://example.com');
              // ...
          }
      }
      

      See

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              nicolas.harraudeau Nicolas Harraudeau
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: