Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-14490

Improve SonarXML analysis: 7 new security rules targeting android and web applications

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.8
    • Component/s: None
    • Edition:
      Community
    • Production Notes:
      None

      Description

      • S5122: Having a permissive Cross-Origin Resource Sharing policy is security-sensitive
      • S3330: "HttpOnly" should be set on cookies
      • S2647: Basic authentication should not be used
      • S5594: Restrict access to exported components with appropriate permissions
      • S4507: Delivering code in production with debug features activated is security-sensitive
      • S5604: Requesting dangerous Android permissions is security-sensitive
      • S2068 Hard-coded credentials are security-sensitive

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              wouter.admiraal Wouter Admiraal
              Reporter:
              sonarqube.tech SonarQube Technical user
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: