Avoid hardcoding IP addresses

This product is not supported for your selected Datadog site. ().

Metadata

ID: swift-security/hardcoded-ip

Language: Swift

Severity: Warning

Category: Security

CWE: 547

Description

Use environment variables, configuration files, or similar methods to configure the IP address instead of hard-coding it. If confidentiality isn’t required, prefer a domain name to allow destination changes without rebuilding the software.

Non-Compliant Code Examples

let dnsServer = "8.8.8.8"
let cdnEndpoint = "2600:9000:2136:3400:15:a631:400:93a1"
struct API {
    static let baseURL = "https://10.1.5.120/data"
}

Compliant Code Examples

// Test file: pass.swift
// Expected annotations: 0

import Foundation

// Compliant: IP is loaded from a configuration object
let primaryServer = configuration.serverIp

// Exception: IPv4 loopback address for local development
let localServer = "127.0.0.1"

// Exception: IPv4 documentation address from RFC 5737
let testNetServer = "198.51.100.50"

// Exception: IPv6 documentation address from RFC 3849
let ipv6Example = "2001:db8:85a3::8a2e:370:7334"

// A version number that looks like an IP but fails the validation
let appVersion = "Application version 3.1.123.900 is not an IP."
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Security

Datadog Code Security