-
Notifications
You must be signed in to change notification settings - Fork 4.4k
Update: Web Service Security Cheat Sheet #2102
Copy link
Copy link
Closed
Labels
ACK_WAITINGIssue waiting acknowledgement from core team before to start the work to fix it.Issue waiting acknowledgement from core team before to start the work to fix it.HELP_WANTEDIssue for which help is wanted to do the job.Issue for which help is wanted to do the job.UPDATE_CSIssue about the update/refactoring of a existing cheat sheet.Issue about the update/refactoring of a existing cheat sheet.
Description
Metadata
Metadata
Assignees
Labels
ACK_WAITINGIssue waiting acknowledgement from core team before to start the work to fix it.Issue waiting acknowledgement from core team before to start the work to fix it.HELP_WANTEDIssue for which help is wanted to do the job.Issue for which help is wanted to do the job.UPDATE_CSIssue about the update/refactoring of a existing cheat sheet.Issue about the update/refactoring of a existing cheat sheet.
What is missing or needs to be updated?
Under User Authentication:
Rule: If used, Basic Authentication must be conducted over TLS, but Basic Authentication is not recommended because it discloses secrets in plan text (base64 encoded) in HTTP Headers.
How should this be resolved?
Plan -> Plain