- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
ID: go-security/http-request-secure
Language: Go
Severity: Warning
Category: Security
CWE: 319
Making HTTP requests (using http://
) instead of HTTPS requests (using https://
) can pose security risks, as information transmitted over HTTP is not encrypted and can be easily intercepted by malicious actors. This could potentially lead to sensitive data being exposed, such as login credentials or personal information.
To avoid this security risk, it’s important to always make HTTP requests using HTTPS. This ensures that the data being transmitted is encrypted, offering a higher level of security and protecting sensitive information.
To follow best practices and avoid making HTTP requests, developers should:
https://
in URIs when making API calls or requesting resources.By following these practices, developers can enhance the security of their applications and protect sensitive data from potential threats.
func main () {
response, err := http.Get("http://www.datadoghq.com")
response, err := http.Head("http://www.datadoghq.com", something, somethingElse)
response, err := http.Post("http://www.datadoghq.com")
response, err := http.PostForm("http://www.datadoghq.com", myForm)
response, err := http.PostForm("http://domain.tld/localhost", myForm)
}
func main () {
response, err := http.Get("https://www.datadoghq.com")
response, err := http.Head("https://www.datadoghq.com", something, somethingElse)
response, err := http.Post("https://www.datadoghq.com")
response, err := http.PostForm("https://www.datadoghq.com", myForm)
response, err := http.PostForm("http://localhost", myForm)
response, err := http.PostForm("http://127.0.0.1", myForm)
}