html.security.plaintext-http-link.plaintext-http-link

Author: unknown

This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL if possible.

Definition

rules:
  - id: plaintext-http-link
    metadata:
      category: security
      technology:
        - html
      cwe:
        - "CWE-319: Cleartext Transmission of Sensitive Information"
      owasp:
        - A03:2017 - Sensitive Data Exposure
        - A02:2021 - Cryptographic Failures
      confidence: HIGH
      subcategory:
        - vuln
      references:
        - https://cwe.mitre.org/data/definitions/319.html
      likelihood: LOW
      impact: LOW
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
      vulnerability_class:
        - Mishandled Sensitive Information
    patterns:
      - pattern: <a href="$URL">...</a>
      - metavariable-regex:
          metavariable: $URL
          regex: ^(?i)http://
    message: This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL
      if possible.
    severity: WARNING
    languages:
      - html

Examples

plaintext-http-link.html

<!-- ruleid: plaintext-http-link -->
<a href="http://semgrep.dev">Semgrep</a>

<!-- ruleid: plaintext-http-link -->
<a href='http://semgrep.dev'>Semgrep</a>

<!-- ruleid: plaintext-http-link -->
<a href=http://semgrep.dev>Semgrep</a>

<!-- ruleid: plaintext-http-link -->
<a class="foo" href="http://semgrep.dev">Semgrep</a>

<!-- ruleid: plaintext-http-link -->
<a class='foo' href='http://semgrep.dev'>Semgrep</a>

<!-- ruleid: plaintext-http-link -->
<a class=foo href=http://semgrep.dev>Semgrep</a>

<!-- ruleid: plaintext-http-link -->
<a href="HTTP://SEMGREP.DEV">Semgrep</a>

<!-- ok: plaintext-http-link -->
<a href="https://semgrep.dev">Semgrep</a>

<!-- ok: plaintext-http-link -->
<a href="https://semgrep.dev/http://">Semgrep</a>

<!-- ok: plaintext-http-link -->
<a href="javascript:alert(1)">Semgrep</a>
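
The check this rule expresses, written out as an added Python example (not part of the Semgrep rule or of this page): it walks the `<a>` tags with the standard-library HTML parser and flags every href that begins with `http://` in any letter case, anchored at the start of the value so a URL that merely contains `http://` further along (the `https://semgrep.dev/http://` case above) is not reported. The sample input is constructed from the example file on this page; `find_plaintext_http_links` is a name chosen here.

```python
import re
from html.parser import HTMLParser

# Equivalent of the rule's metavariable-regex ^(?i)http:// : the scheme must be
# at the very start of the href, compared case-insensitively. (Python's re
# rejects an inline (?i) after ^, so the flag is passed separately.)
PLAINTEXT_HTTP = re.compile(r"^http://", re.IGNORECASE)

# Constructed sample built from the page's example file: five "ruleid" cases,
# then three "ok" cases that must not be flagged.
SAMPLE = """\
<a href="http://semgrep.dev">Semgrep</a>
<a href='http://semgrep.dev'>Semgrep</a>
<a href=http://semgrep.dev>Semgrep</a>
<a class=foo href=http://semgrep.dev>Semgrep</a>
<a href="HTTP://SEMGREP.DEV">Semgrep</a>
<a href="https://semgrep.dev">Semgrep</a>
<a href="https://semgrep.dev/http://">Semgrep</a>
<a href="javascript:alert(1)">Semgrep</a>
"""


class PlaintextLinkFinder(HTMLParser):
    """Collect (line, href) for every <a> whose href is a plaintext HTTP URL."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag/attribute names and strips the quotes
        # around values, so single-, double- and unquoted hrefs all land here.
        if tag != "a":
            return
        for name, value in attrs:
            if name == "href" and value and PLAINTEXT_HTTP.match(value):
                self.findings.append((self.getpos()[0], value))


def find_plaintext_http_links(html):
    """Return [(line_number, href), ...] for plaintext HTTP links in html."""
    parser = PlaintextLinkFinder()
    parser.feed(html)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for lineno, href in find_plaintext_http_links(SAMPLE):
        print(f"line {lineno}: plaintext HTTP link -> {href}")
```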