C#: Merge cs/exposure-of-private-information into cs/cleartext-storage-of-sensitive-information,
#15379
Conversation
…f-sensitive-information.
|
QHelp previews: csharp/ql/src/Security Features/CWE-312/CleartextStorage.qhelpClear text storage of sensitive informationSensitive or private information that is stored unencrypted is accessible to an attacker who gains access to the storage. This is particularly important for cookies, which are stored on the machine of the end-user. RecommendationEnsure that sensitive information is always encrypted before being stored. For ASP.NET applications, the If possible, avoid placing sensitive information in cookies all together. Instead, prefer storing a key in the cookie that can be used to lookup the sensitive information. In general, decrypt sensitive information only at the point where it is necessary for it to be used in cleartext. ExampleThe following example shows two ways of storing user credentials in a cookie. In the 'BAD' case, the credentials are simply stored in cleartext. In the 'GOOD' case, the credentials are protected before storing them, using using System.Text;
using System.Web;
using System.Web.Security;
public class CleartextStorageHandler : IHttpHandler
{
public void ProcessRequest(HttpContext ctx)
{
string accountName = ctx.Request.QueryString["AccountName"];
// BAD: Setting a cookie value with cleartext sensitive data.
ctx.Response.Cookies["AccountName"].Value = accountName;
// GOOD: Encoding the value before setting it.
ctx.Response.Cookies["AccountName"].Value = Protect(accountName, "Account name");
}
/// <summary>
/// Protect the cleartext value, using the given type.
/// </summary>
/// <value>
/// The protected value, which is no longer cleartext.
/// </value>
public string Protect(string value, string type)
{
return Encoding.UTF8.GetString(MachineKey.Protect(Encoding.UTF8.GetBytes(value), type));
}
}References
|
No description provided.