- Prevent sensitive data from being made public or stored Unencrypted at any stage in accessing a page (ISP, proxy, web Server, browser history, third-party services, etc.).
- Allow users to enter sensitive data, safe in the knowledge that They will be protected and kept confidential.
Submit sensitive form data by the
method. Do not include sensitive data in the link URL.
During operations on the website such as logging in to an account, entering personal data, purchasing, etc., check that none of the data entered appears unencrypted in the URL via the following three checks:
- Check that identification does not lead to a page with typelogin.php?user=something@password=123;
- Also check that the pages do not contain links containing this type of information. In fact a link of this type can be made: http://user:email@example.com/ or ftp://user:firstname.lastname@example.org/. This is obviously very strongly discouraged and should be banned.
- Also check that the session id is not passed in the URL, resulting in URLs like page.php?SESSIONID=123abc456def. Anyone retrieving this identifier, including by reading over the user's shoulder, would have access to their account.
It is important to carry out these tests by activating and deactivating the cookies of the browser, certain tools (frameworks, CMS) having the annoying habit of transmitting the information unencrypted in the second case.