Why This Issue Is Important
In an Apigee proxy, ensuring the confidentiality of sensitive data is crucial. Private flow variables often contain confidential or sensitive information that should not be exposed or transferred to public flow variables. If a private flow variable is written into a public one, it can lead to unintended data leaks, violating the principle of data confidentiality.
How This Issue Is Detected
CodeSent scans for variables that are prefixed with "private." These are typically considered confidential and should not be exposed to the public. The tool traces how these private variables are used within the flow, particularly looking for instances where they are reassigned to public variables that are not masked or protected.
How to Fix the Issue
To fix this issue, you should ensure that any public flow variable receiving data from a private flow variable is either masked, i.e. by means of the Apigee masking