-
Notifications
You must be signed in to change notification settings - Fork 115
Sample Rule
Pavel Bansky edited this page Jan 8, 2018
·
11 revisions
{
"name": "Insecure URL",
"id": "DS137138",
"description": "An HTTP-based URL without TLS was detected.",
"recommendation": "Update to an HTTPS-based URL if possible.",
"tags": [
"ThreatModel.Integration.HTTP"
],
"severity": "moderate",
"_comment": "",
"rule_info": "DS137138.md",
"patterns": [
{
"pattern": "http:",
"type": "substring",
"scopes": [
"code"
],
"modifiers": ["i"],
"_comment": ""
}
],
"conditions" : [
{
"pattern" :
{
"pattern": "xmlns",
"type": "regex",
"scopes": [
"code"
],
"_comment": ""
},
"negate_finding": true,
"_comment": ""
}
],
"fix_its": [
{
"name": "Change to HTTPS ",
"type": "regex-replace",
"_comment": "",
"replacement": "https:",
"pattern": {
"pattern": "http:",
"type": "regex",
"scopes": [
"code"
],
"modifiers": ["i"],
"_comment": ""
}
}
]
}