Use of Hard-coded, Security-relevant Constants
The product uses hard-coded constants instead of symbolic names for security-critical values, which increases the likelihood of mistakes during code maintenance or security reviews.
Hard-coded values make code harder to understand and maintain. When security-relevant values are hard-coded, it increases the risk of errors when the code needs to be modified.
Jak naprawić tę podatność
Strategie zapobiegania dla Hardcoded Security Constants oparte na 2 regułach detekcji Shoulder.
Use environment variables for URLs with localhost as a development fallback
- const API_URL = 'http://localhost:3000'; + const API_URL = process.env.API_URL || 'http://localhost:3000'; const response = await fetch(`${API_URL}/users`);
Load URLs from environment variables with localhost as the development fallback
- API_URL = "http://localhost:3000/api" - DB_HOST = "127.0.0.1" + import os + + API_URL = os.getenv('API_URL', 'http://localhost:3000/api') + DB_HOST = os.getenv('DB_HOST', 'localhost') def fetch_data(): response = requests.get(f'{API_URL}/data') return response.json()
Kluczowe praktyki
- Use environment variables
- configurable via environment variables
Znajdz podatnosci w swoim kodzie
Uzyj Shoulder do skanowania kodu w poszukiwaniu wzorcow Use of Hard-coded, Security-relevant Constants. 2 reguly.
# Scan with Shoulder CLI npx @shoulderdev/cli trust --cwe=547 # Or scan entire project npx @shoulderdev/cli trust .
Reguly Wykrywania (2)
Na co zwracac uwage podczas przegladu kodu
Te wzorce wskazuja na potencjalne podatnosci Use of Hard-coded, Security-relevant Constants. Szukaj ich podczas przegladow kodu i audytow bezpieczenstwa.
Przeskanuj swój kod w poszukiwaniu Use of Hard-coded, Security-relevant Constants
Shoulder CLI znajduje podatne wzorce w całym Twoim kodzie.