Picto thématique

Rule n° 27 - Sensitive data is not transmitted unencrypted through URLs.

Personal data can be transmitted and intercepted through the Url. Addresses of the type http//domain.com/index.html?password=rabbit are to be avoided. They are indeed easy to find on the Internet or in audience statistics.

#Personal data #Development

Goal

  • Prevent sensitive data from being made public or stored Unencrypted at any stage in accessing a page (ISP, proxy, web Server, browser history, third-party services, etc.).
  • Allow users to enter sensitive data, safe in the knowledge that They will be protected and kept confidential.

Implementation

Submit sensitive form data by the POST

method. Do not include sensitive data in the link URL.

Control

During operations on the website such as logging in to an account, entering personal data, purchasing, etc., check that none of the data entered appears unencrypted in the URL via the following three checks:

  • Check that identification does not lead to a page with typelogin.php?user=something@password=123;
  • Also check that the pages do not contain links containing this type of information. In fact a link of this type can be made: http://user:pass@example.com/ or ftp://user:pass@example.com/. This is obviously very strongly discouraged and should be banned.
  • Also check that the session id is not passed in the URL, resulting in URLs like page.php?SESSIONID=123abc456def. Anyone retrieving this identifier, including by reading over the user's shoulder, would have access to their account.

It is important to carry out these tests by activating and deactivating the cookies of the browser, certain tools (frameworks, CMS) having the annoying habit of transmitting the information unencrypted in the second case.

By Opquast - Read the license