Package net.sourceforge.pmd.lang.apex.rule.security
See: Description
-
Class Summary Class Description ApexDangerousMethodsRule Flags dangerous method calls, e.g. ApexSuggestUsingNamedCredRule Flags usage of http request.setHeader('Authorization',..) and suggests using named credentials which helps store credentials for the callout in a safe place. ApexInsecureEndpointRule Insecure HTTP endpoints passed to (req.setEndpoint) req. ApexSOQLInjectionRule Detects if variables in Database.query(variable) or Database.countQuery is escaped with String. ApexXSSFromEscapeFalseRule Finds all . ApexOpenRedirectRule Looking for potential Open redirect via PageReference variable input ApexSharingViolationsRule Finds Apex class that do not define sharing ApexXSSFromURLParamRule Detects potential XSS when controller extracts a variable from URL query and uses it without escaping first ApexBadCryptoRule Finds encryption schemes using hardcoded IV, hardcoded key ApexCRUDViolationRule Finding missed CRUD checks for SOQL and DML operations.