Connections that use insecure protocols transmit data in cleartext. This introduces a risk of exposing sensitive data to third parties.
1def ftp_connection_noncompliant():
2 import ftplib
3 # Noncompliant: insecure ftp used.
4 cnx = ftplib.FTP("ftp://anonymous@example.com")
1def ftp_connection_compliant():
2 import ftplib
3 # Compliant: secure ftp_tls used.
4 cnx = ftplib.FTP_TLS("ftp.example.com")