
Sensitive Information Sent Via URL Parameters

Need

Secure transmission of sensitive information

Context

  • Usage of Elixir (1.11 and above) for building scalable and fault-tolerant applications
  • Usage of Phoenix Framework for building web applications (version 1.5 and above)

Description

Non-compliant code

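defmodule UserController do
  use MyAppWeb, :controller
  alias MyApp.{Repo, User} # assumed module locations

  # Vulnerable: the user id is taken from the request URL.
  def show(conn, %{"id" => id}) do
    user = Repo.get!(User, id)
    render(conn, "show.html", user: user)
  end
end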

The code above is vulnerable because it takes the user id from a URL parameter. The id is therefore visible in the URL, where it can be stored in browser history, sent to external sites via the Referer HTTP header, or intercepted by malicious scripts.

Steps

  • Avoid sending sensitive information in URL parameters.
  • Use the POST method to transmit sensitive data.
  • Use secure sessions or cookies to store user identifiers.

Compliant code

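defmodule UserController do
  use MyAppWeb, :controller
  alias MyApp.{Repo, User} # assumed module locations

  # The id comes from the server-managed session, not from the URL.
  # Assumes an authentication step has already stored :user_id.
  def show(conn, _params) do
    id = get_session(conn, :user_id)
    user = Repo.get!(User, id)
    render(conn, "show.html", user: user)
  end
end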

In the secure code example, the user id is obtained from a secure session or a cookie, rather than being passed in the URL. This mitigates the risk of sensitive information being exposed via the URL.
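
The compliant controller reads `:user_id` from the session, which means a login step must put it there. The following added example (not part of the original page) shows such a step: credentials arrive by POST and the id is stored in the session. `MyApp.Accounts.authenticate/2`, the `new.html` template and the route paths are assumptions.

```elixir
# Added example, not the page's own code.
# Assumed: MyApp.Accounts.authenticate/2 returns {:ok, user} or {:error, reason},
# and the routes below sit in a pipeline that runs :fetch_session and :fetch_flash.
defmodule MyAppWeb.SessionController do
  use MyAppWeb, :controller

  alias MyApp.Accounts

  # POST /session: credentials travel in the request body, not the query string.
  def create(conn, %{"email" => email, "password" => password}) do
    case Accounts.authenticate(email, password) do
      {:ok, user} ->
        conn
        # Issue a fresh session on login so a pre-login session is not reused.
        |> configure_session(renew: true)
        # The id lives in the session from here on; it never appears in a URL.
        |> put_session(:user_id, user.id)
        |> redirect(to: "/profile")

      {:error, _reason} ->
        conn
        |> put_status(:unauthorized)
        |> put_flash(:error, "Invalid email or password")
        |> render("new.html")
    end
  end

  # DELETE /session: discard the whole session on logout.
  def delete(conn, _params) do
    conn
    |> configure_session(drop: true)
    |> redirect(to: "/")
  end
end

# Router entries (inside the browser scope):
#   post   "/session", SessionController, :create
#   delete "/session", SessionController, :delete
#   get    "/profile", UserController, :show   # no :id segment or query parameter
```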
