• Home
  • CodeSent for Apigee
    • Features
    • Rules
    • API
  • Demo
  • Pricing
  • Blog
  • Contacts
  • Sign in
  • Get a demo

Flow accepts confidential data as URL parameters

Severity
High
Tags
Data in Transit
Applies to
Flow PreFlow
Links
CWE-598

Why This Issue Is Important

In an Apigee proxy, accepting confidential data as URL (query) parameters poses a significant security risk. The full request URL, query string included, is routinely recorded by web servers, load balancers, intermediate proxies, browser history and the Referer header, and it surfaces in gateway access logs and analytics as well. Sensitive values carried in the URL, such as personal identifiers, card numbers, PINs or authentication tokens, are therefore exposed to anyone who can read those logs, which can lead to data breaches, unauthorized access and other serious security incidents. Transport encryption does not help here: TLS protects the URL on the wire, but not once it has been written to a log.

Security best practice is to transmit confidential data in the HTTP request body or in request headers, which are not written to standard access logs by default. Accepting such data in URL parameters violates this practice and makes the system vulnerable to data leakage, compromising the confidentiality of the information the proxy handles. This is the weakness catalogued as CWE-598 (use of GET request method with sensitive query strings).

How This Issue Is Detected

CodeSent detects this issue by analyzing the flow within the proxy to identify whether any confidential data is accepted as a URL parameter.

CodeSent scans the ExtractVariables policies attached to the flow and locates every variable that is extracted from a URL query parameter (a QueryParam element in the policy). The tool then checks whether the name of that query parameter indicates confidential data, such as a card number, PIN or email address. If a confidential value is read from the query string, CodeSent flags the flow as a potential security risk.

How to Fix the Issue

To fix this issue, ensure that confidential data is not accepted as URL parameters. Change the API contract so that the value is sent in the HTTP request body (for example as a JSON field extracted with JSONPayload) or in a request header, and update the ExtractVariables policy to read it from there instead of from QueryParam. Where the old parameter must be retired safely, a Condition on the corresponding request.queryparam.<name> variable can be used to reject requests that still carry the value, so that it is not silently logged and ignored.
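The following is an added example, not CodeSent's own scanner or rule set, showing the detection described above and the before/after policies described in the fix. It embeds two constructed ExtractVariables policies (names such as EV-CardFromQuery, the parameter names and the list of sensitive name fragments are assumptions made for the example) and walks the QueryParam elements of each, flagging any whose name looks confidential; the corrected policy, which reads the same values from the JSON body and a header, produces no findings.

```python
"""Added example (not CodeSent's own code): a minimal detector for CWE-598 in
Apigee ExtractVariables policies, run over two constructed policy files."""
import re
import xml.etree.ElementTree as ET

# Constructed sample: a policy that pulls a card number and PIN out of the query string.
VULNERABLE_POLICY = """<ExtractVariables name="EV-CardFromQuery">
  <Source>request</Source>
  <QueryParam name="card_number">
    <Pattern>{cardNumber}</Pattern>
  </QueryParam>
  <QueryParam name="pin">
    <Pattern>{cardPin}</Pattern>
  </QueryParam>
  <QueryParam name="page">
    <Pattern>{pageNumber}</Pattern>
  </QueryParam>
  <VariablePrefix>cust</VariablePrefix>
  <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
</ExtractVariables>"""

# Constructed sample: the same data taken from the JSON body and a header instead.
FIXED_POLICY = """<ExtractVariables name="EV-CardFromBody">
  <Source>request</Source>
  <JSONPayload>
    <Variable name="cardNumber" type="string">
      <JSONPath>$.card.number</JSONPath>
    </Variable>
    <Variable name="cardPin" type="string">
      <JSONPath>$.card.pin</JSONPath>
    </Variable>
  </JSONPayload>
  <Header name="X-Customer-Email">
    <Pattern>{email}</Pattern>
  </Header>
  <QueryParam name="page">
    <Pattern>{pageNumber}</Pattern>
  </QueryParam>
  <VariablePrefix>cust</VariablePrefix>
  <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
</ExtractVariables>"""

# Name fragments treated as confidential (an assumed list, not CodeSent's ruleset).
SENSITIVE_TOKENS = {"card", "pan", "cvv", "cvc", "pin", "password", "passwd", "pwd",
                    "secret", "token", "apikey", "ssn", "email", "iban", "otp"}


def name_tokens(name: str) -> list[str]:
    """Split 'card_number', 'cardNumber' or 'card-number' into ['card', 'number']."""
    spaced = re.sub(r"(?<=[a-z0-9])(?=[A-Z])", "_", name)
    return [t.lower() for t in re.split(r"[^A-Za-z0-9]+", spaced) if t]


def is_confidential(param_name: str) -> bool:
    """True if any token, or any pair of adjacent tokens, is a sensitive fragment.
    Matching whole tokens (not substrings) keeps 'shipping' from matching 'pin'."""
    toks = name_tokens(param_name)
    candidates = set(toks) | {a + b for a, b in zip(toks, toks[1:])}
    return bool(candidates & SENSITIVE_TOKENS)


def find_confidential_query_params(policy_xml: str) -> list[dict]:
    """Return one finding per <QueryParam> whose name looks confidential."""
    root = ET.fromstring(policy_xml)
    if root.tag != "ExtractVariables":
        return []
    source = (root.findtext("Source") or "request").strip()
    findings = []
    for qp in root.findall("QueryParam"):
        name = qp.get("name", "")
        if not is_confidential(name):
            continue
        pattern = qp.findtext("Pattern") or ""
        findings.append({
            "policy": root.get("name"),
            "source": source,
            "query_param": name,
            # flow variables the pattern populates (VariablePrefix is prepended by Apigee)
            "variables": re.findall(r"\{(\w+)\}", pattern),
        })
    return findings


if __name__ == "__main__":
    for label, policy in (("vulnerable", VULNERABLE_POLICY), ("fixed", FIXED_POLICY)):
        print(label, find_confidential_query_params(policy))
```

Running the script reports the card_number and pin parameters of EV-CardFromQuery and nothing for EV-CardFromBody; the harmless page parameter is kept in both policies to show that only confidential names are flagged. A real scanner would additionally walk the ProxyEndpoint PreFlow to confirm that the flagged policy is actually attached to the request path.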



Sentinel Strength for Secure API Gateway Code


  • +381 637 736 053
  • info@codesent.io
Copyright © CodeSent
Apigee is a registered trademark of Google LLC
