Weak obfuscation while configuring a web request is vulnerable to unauthorized access. Using stronger obfuscation significantly reduces the chances of attacks due to unauthorized access.
1public void httpAuthenticationNoncompliant(final URL url, final String password) throws URISyntaxException {
2 final String encoding = Base64.getEncoder().encode(password.getBytes()).toString();
3 HttpPost httppost = new HttpPost(url.toURI());
4 // Noncompliant: uses HTTP Basic Authentication.
5 httppost.setHeader("Authorization", "Basic " + encoding);
6}