Uploaded image for project: 'SonarLint For IntelliJ'
  1. SonarLint For IntelliJ
  2. SLI-576

Disclose project-related info only to trusted servers

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.0.1
    • Fix Version/s: 5.2
    • Component/s: Connected Mode
    • Labels:
      None

      Description

      The Security Hotspots discovery endpoint (/sonarlint/api/status) should disclose project-related information in the description field only to trusted servers, a.k.a servers for which SonarLint already has connection settings and credentials. The response to untrusted servers should only contain the name of the IDE.

        Attachments

          Activity

            People

            Assignee:
            julien.henry Julien Henry
            Reporter:
            jeanbaptiste.lievremont Jean-Baptiste Lievremont
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Due:
              Created:
              Updated:
              Resolved: