Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

http://localhost should be allowed by @microsoft/sdl/no-insecure-url #7

Closed
jason-ha opened this issue Feb 5, 2021 · 1 comment · Fixed by #11 or #12
Closed

http://localhost should be allowed by @microsoft/sdl/no-insecure-url #7

jason-ha opened this issue Feb 5, 2021 · 1 comment · Fixed by #11 or #12
Assignees
@A-Katopodis
Labels
enhancement New feature or request

Comments

@jason-ha
Copy link
Contributor

jason-ha commented Feb 5, 2021

http://localhost is common for some testing scenarios and situations where communication does not leave the OS are not a risk.

To Reproduce
Steps to reproduce the behavior:

  1. Add 'http://localhost' use in code.
  2. Enable recommended configuration.
  3. Run eslint
  4. See report similar to:
Error @microsoft/sdl/no-insecure-url: Insecure protocols such as [HTTP](https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol) or [FTP](https://en.wikipedia.org/wiki/File_Transfer_Protocol) should be replaced by their encrypted counterparts ([HTTPS](https://en.wikipedia.org/wiki/HTTPS), [FTPS](https://en.wikipedia.org/wiki/FTPS)) to avoid sending (potentially sensitive) data over untrusted network in plaintext.: Do not use insecure URLs

Related
See tslint no-http issue where localhost was resolved to be allowed.

Expected behavior
http://localhost should be allowed.
@jason-ha jason-ha mentioned this issue Feb 5, 2021
Closed
This was linked to pull requests May 12, 2021
Add an exception for xmlns usage, and add appropriate testing #11
Merged
Allow localhost on insecureurl #12
Merged
@A-Katopodis A-Katopodis added the enhancement New feature or request label May 12, 2021
@A-Katopodis A-Katopodis self-assigned this May 12, 2021
@A-Katopodis
Copy link
Contributor

Issue was resolved with PRs:
#11
#12

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@A-Katopodis A-Katopodis

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
2 participants
@A-Katopodis @jason-ha