Sensitive information should not be exposed through log files or stack traces. Ensure that sensitive information is redacted and that logging is used only in debug mode with test data.
1public void SensitiveInformationLeakNoncompliant()
2{
3 string url = "http://api.example.com";
4 string apiKey = "YOUR_API_KEY";
5 using (HttpClient client = new HttpClient())
6 {
7 // Noncompliant: Send sensitive data over HTTP connection
8 HttpResponseMessage response = client.GetAsync(url + "?api_key=" + apiKey).Result;
9 }
10}
1public void SensitiveInformationLeakCompliant()
2{
3 string url = "http://api.example.com";
4 string apiKey = "YOUR_API_KEY";
5 using (HttpClient client = new HttpClient())
6 {
7 // Noncompliant: Do not send sensitive data over HTTP connection
8 HttpResponseMessage response = client.GetAsync(url).Result;
9 }
10}