Explore
326-350 of 589
Rewrite toDateTime(DateTimeZone) to java.time equivalent
Rewrite toDateTime(DateTimeZone) to java.time equivalent
- warning
- java
- framework specific
- java.time
- Joda-Time
- quality
Rewrite toDate() to java.time equivalent
Rewrite toDate() to java.time equivalent
- warning
- java
- java.time
- framework specific
- Joda-Time
- quality
Rewrite toGregorianCalendar to GregorianCalendar.from(ZonedDateTime)
Rewrite toGregorianCalendar to GregorianCalendar.from(ZonedDateTime)
- warning
- java
- java.time
- framework specific
- Joda-Time
- quality
Rewrite toTimeOfDay() to toLocalTime()
Rewrite toTimeOfDay() to toLocalTime()
- warning
- java
- java.time
- framework specific
- Joda-Time
- quality
Rewrite toYearMonthDay() to toLocalDate()
Rewrite toYearMonthDay() to toLocalDate()
- warning
- java
- java.time
- framework specific
- Joda-Time
- quality
Second argument should be a Set<ZoneId> instead of Map<String, org.joda.time.DateTimeZone>
Second argument should be a Set<ZoneId> instead of Map<String, org.joda.time.DateTimeZone>
- warning
- java
- java.time
- framework specific
- Joda-Time
- quality
Secure Random: Do not use initializer with custom seed
Do not use your own defined seeds
- error
- java
- security
Secure Transport: use RequiresSecure to enforce HTTPS
Serve requests over HTTPS instead of unencrypted HTTP
- error
- java
- Spring
- security
- framework specific
- web
- Spring Security
- OWASP Top 10
Secure Transport: use RequiresSecure to enforce HTTPS on all paths
Enforce HTTPS on all requests, not just on a selected number
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
- OWASP Top 10
Security Misconfiguration: Clickjacking protection: Disabled Header - frameOptions()
Disabling Spring Security default headers makes the application vulnerable to clickjackin
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
- Clickjacking
- OWASP Top 10
Security Misconfiguration: Content sniffing protection
Prevent MIME sniffing by disabling contentTypeOptions
- error
- java
- Spring
- security
- framework specific
- web
- Spring Security
- OWASP Top 10
Security Misconfiguration: CORS: Avoid broad settings: CorsRegistry#allowCredentials
Allowing credentials makes the application more vulnerable
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: CorsRegistry#allowedHeaders
Allowing all headers makes the application vulnerable
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: CorsRegistry#allowedMethods
Allowing unsafe methods puts the application at risk
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: CorsRegistry#allowedOrigins
Allowing all origins makes the application vulnerable to scripts from any domain
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: CorsRegistry#exposedHeaders
Exposing all headers makes the application vulnerable
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: CorsRegistry#maxAge
A value over 30 minutes is considered prolonged and likely to reduce security
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: @CrossOrigin
Avoid enabling CORS, or configure it as strictly as possible
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: @CrossOrigin - allowCredentials
Allowing credentials makes the application more vulnerable
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: @CrossOrigin - allowedHeaders
Allowing all headers makes the application vulnerable
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: @CrossOrigin - exposedHeaders
Exposing all headers makes the application vulnerable
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: @CrossOrigin - maxAge
A value over 30 minutes is considered prolonged and likely to reduce security
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: @CrossOrigin - methods
Allowing unsafe methods puts the application at risk
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: CORS: Avoid broad settings: @CrossOrigin - origins
Allowing all origins makes the application vulnerable to scripts from any domain
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
Security Misconfiguration: Disabled Headers
Disabling Spring Security's default headers makes the application vulnerable
- warning
- java
- Spring
- security
- framework specific
- web
- Spring Security
- OWASP Top 10