/
security.xml
192 lines (177 loc) · 6.05 KB
/
security.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
<?xml version="1.0"?>
<ruleset name="Security" xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 http://pmd.sourceforge.net/ruleset_2_0_0.xsd">
<description>
These rules deal with different security problems that can occur within Apex.
</description>
<rule name="ApexSharingViolations" since="5.5.3"
message="Apex classes should declare a sharing model if DML or SOQL/SOSL is used"
class="net.sourceforge.pmd.lang.apex.rule.security.ApexSharingViolationsRule"
externalInfoUrl="${pmd.website.baseurl}/rules/apex/security.html#ApexSharingViolations">
<description>
Avoid Apex classes declared with no explicit sharing mode if DML methods are used.
</description>
<priority>3</priority>
<example>
<![CDATA[
public class without sharing Foo {
// DML operation here
}
]]>
</example>
</rule>
<rule name="ApexOpenRedirect" since="5.5.3"
message="Apex classes should safely redirect to a known location"
class="net.sourceforge.pmd.lang.apex.rule.security.ApexOpenRedirectRule"
externalInfoUrl="${pmd.website.baseurl}/rules/apex/security.html#ApexOpenRedirect">
<description>
Avoid Apex controllers using PageReference to redirect to an unknown location
</description>
<priority>3</priority>
<example>
<![CDATA[
public class without sharing Foo {
String unsafeLocation = ApexPage.getCurrentPage().getParameters.get('url_param');
PageReference page() {
return new PageReference(unsafeLocation);
}
}
]]>
</example>
</rule>
<rule name="ApexInsecureEndpoint" since="5.5.3"
message="Apex callouts should use encrypted communication channels"
class="net.sourceforge.pmd.lang.apex.rule.security.ApexInsecureEndpointRule"
externalInfoUrl="${pmd.website.baseurl}/rules/apex/security.html#ApexInsecureEndpoint">
<description>
Apex callouts should use encrypted communication channels
</description>
<priority>3</priority>
<example>
<![CDATA[
public class without sharing Foo {
void foo() {
HttpRequest req = new HttpRequest();
req.setEndpoint('http://localhost:com');
}
}
]]>
</example>
</rule>
<rule name="ApexXSSFromURLParam" since="5.5.3"
message="Apex classes should escape/sanitize Strings obtained from URL parameters"
class="net.sourceforge.pmd.lang.apex.rule.security.ApexXSSFromURLParamRule"
externalInfoUrl="${pmd.website.baseurl}/rules/apex/security.html#ApexXSSFromURLParam">
<description>
Apex classes should escape/sanitize Strings obtained from URL parameters
</description>
<priority>3</priority>
<example>
<![CDATA[
public class without sharing Foo {
String unescapedstring = ApexPage.getCurrentPage().getParameters.get('url_param');
String usedLater = unescapedstring;
}
]]>
</example>
</rule>
<rule name="ApexXSSFromEscapeFalse" since="5.5.3"
message="Apex classes should escape Strings in error messages"
class="net.sourceforge.pmd.lang.apex.rule.security.ApexXSSFromEscapeFalseRule"
externalInfoUrl="${pmd.website.baseurl}/rules/apex/security.html#ApexXSSFromEscapeFalse">
<description>
Apex classes should escape Strings in error messages
</description>
<priority>3</priority>
<example>
<![CDATA[
public class without sharing Foo {
Trigger.new[0].addError(vulnerableHTMLGoesHere, false);
}
]]>
</example>
</rule>
<rule name="ApexBadCrypto" since="5.5.3"
message="Apex classes should use random IV/key"
class="net.sourceforge.pmd.lang.apex.rule.security.ApexBadCryptoRule"
externalInfoUrl="${pmd.website.baseurl}/rules/apex/security.html#ApexBadCrypto">
<description>
Apex classes should use random IV/key
</description>
<priority>3</priority>
<example>
<![CDATA[
public class without sharing Foo {
Blob hardCodedIV = Blob.valueOf('Example of IV123');
Blob key = Crypto.generateAesKey(128);
Blob data = Blob.valueOf('Data to be encrypted');
Blob encrypted = Crypto.encrypt('AES128', key, hardCodedIV, data);
}
]]>
</example>
</rule>
<rule name="ApexCSRF" since="5.5.3"
message="Avoid making DML operations in Apex class constructor/init method"
class="net.sourceforge.pmd.lang.apex.rule.security.ApexCSRFRule"
externalInfoUrl="${pmd.website.baseurl}/rules/apex/security.html#ApexCSRF">
<description>
Avoid DML actions in Apex class constructor/init method without CSRF protection
</description>
<priority>3</priority>
<example>
<![CDATA[
public class Foo {
public init() {
insert data;
}
public Foo() {
insert data;
}
}
]]>
</example>
</rule>
<rule name="ApexSOQLInjection" since="5.5.3"
message="Avoid untrusted/unescaped variables in DML query"
class="net.sourceforge.pmd.lang.apex.rule.security.ApexSOQLInjectionRule"
externalInfoUrl="${pmd.website.baseurl}/rules/apex/security.html#ApexSOQLInjection">
<description>
Avoid merging untrusted/unescaped variables in DML operations
</description>
<priority>3</priority>
<example>
<![CDATA[
public class Foo {
public void test1(String t1) {
Database.query('SELECT Id FROM Account' + t1);
}
}
]]>
</example>
</rule>
<rule name="ApexCRUDViolation" since="5.5.3"
message="Validate CRUD permission before SOQL/DML operation"
class="net.sourceforge.pmd.lang.apex.rule.security.ApexCRUDViolationRule"
externalInfoUrl="${pmd.website.baseurl}/rules/apex/security.html#ApexCRUDViolationRule">
<description>
Validate CRUD permission before SOQL/SOSL/DML operation
</description>
<priority>3</priority>
<example>
<![CDATA[
public class Foo {
public Contact foo(String status, String ID) {
Contact c = [SELECT Status__c FROM Contact WHERE Id=:ID];
if (!Schema.sObjectType.Contact.fields.Name.isUpdateable()){
return null;
}
c.Status__c = status;
update c;
return c;
}
}
]]>
</example>
</rule>
</ruleset>