You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Current »

Explanation

This rule detects whether a service call or rest service has a URL or host and port parameter defined. Having a URL or host and port defined in the model may result in unexpected behavior. It is only recommended to use the URL
parameter for test purposes. It checks service calls of type: 

  • AQ_RestServiceClient
  • AQ_SoapServiceClient
  • AQ_MailService

Possible improvements

Configure the connection in the application.properties file only. This adds the possibility to make the URL dependent on the environment.
See: https://my.blueriq.com/display/DOC/Connections+Properties

Example

For this SOAP service call, the value of URL is set to the "www.example.com". 

This results in the following security hotspot:



  • No labels