Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
      None
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity

      Description

      Sensitive Code Example

      var urlHttp = "http://example.com";                 // Noncompliant
      var urlFtp = "ftp://anonymous@example.com";         // Noncompliant
      var urlTelnet = "telnet://anonymous@example.com";   // Noncompliant
      
      using var smtp = new SmtpClient("host", 25); // Noncompliant, EnableSsl is not set
      using var telnet = new MyTelnet.Client("host", port); // Noncompliant, rule raises Security Hotspot on any member containing "Telnet"
      

      Compliant Solution

      var urlHttps = "https://example.com";
      var urlSftp = "sftp://anonymous@example.com";
      var urlSsh = "ssh://anonymous@example.com";
      
      using var smtp = new SmtpClient("host", 25) { EnableSsl = true };
      using var ssh = new MySsh.Client("host", port);
      

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            pavel.mikula Pavel Mikula
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: