Map to one HTTP request method for best practices

• info
• java
• Spring
• framework specific
• web
• Spring Web
• quality

This class is missing a @Controller or @RestController annotation

• error
• java
• Spring
• framework specific
• web
• Spring Web
• quality

Public methods within a controller class should be treated as request handlers, therefore should be annotated as such. If you really believe this method should not be exposed as a Rest endpoint, please consider extracting it into an external Component class and call it from inside this controller.

• warning
• java
• Spring
• framework specific
• web
• Spring Web
• quality

Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true

• error
• java
• Spring
• security
• framework specific
• web
• Spring Web
• OWASP Top 10

Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true

• error
• java
• Spring
• security
• framework specific
• web
• Spring Web
• OWASP Top 10

Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true

• error
• java
• Spring
• security
• framework specific
• web
• Spring Web
• OWASP Top 10

Non-specified RequestMapping method will map to any HTTP request

• error
• java
• Spring
• security
• framework specific
• web
• Spring Web
• CSRF

Prevent suffix pattern matching by setting UseRegisteredSuffixPatternMatch to false

• warning
• java
• Spring
• security
• framework specific
• web
• Spring Web

Prevent suffix pattern matching by setting UseSuffixPatternMatching to false

• warning
• java
• Spring
• security
• framework specific
• web
• Spring Web

Improve readability by using Spring's composed annotations

• info
• java
• Spring
• framework specific
• web
• Spring Web
• quality

RequestMapping should not be used on non-public methods

• warning
• java
• Spring
• framework specific
• web
• Spring Web
• quality