SonarQube rule: “Using command line arguments is security-sensitive” in Spring Boot application

南旧 2021-01-01 10:57

SonarQube is just showing a Critical security issue in the very basic Spring Boot application. In the main method.

@SpringBootApplication
public class Applic         


        
3 answers
  •  Happy的楠姐
    2021-01-01 11:45

    No, it is a critical security issue indeed. It's just asking to sanitize the args before using them. There's no need for such a concern on a simple application, but it may be a big matter on a production application.

    More details can be found on https://rules.sonarsource.com/java/RSPEC-4823?search=Make%20sure%20that%20command%20line%20arguments%20are%20used%20safely%20here.
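
An added example, not part of the answer above or of the SonarSource rule text: one way to sanitize the arguments before Spring Boot receives them, since Spring Boot turns every `--name=value` argument into a property override. The class name `Application`, the allow-list of options and the value pattern are assumptions chosen for illustration.

```java
import java.util.Arrays;
import java.util.Set;
import java.util.regex.Pattern;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

// Added example; class name and allow-list are assumptions, not from the page.
@SpringBootApplication
public class Application {

    // Only these option names may be set from the command line (assumed list).
    private static final Set<String> ALLOWED_OPTIONS =
            Set.of("server.port", "spring.profiles.active");

    // Conservative value pattern: short, no whitespace, quotes or shell metacharacters.
    private static final Pattern SAFE_VALUE = Pattern.compile("[A-Za-z0-9_.,-]{1,64}");

    /** Returns only the arguments of the form --name=value that pass the allow-list. */
    static String[] sanitize(String[] args) {
        return Arrays.stream(args)
                .filter(Application::isAllowed)
                .toArray(String[]::new);
    }

    private static boolean isAllowed(String arg) {
        if (arg == null || !arg.startsWith("--")) {
            return false;               // drop positional and malformed arguments
        }
        int eq = arg.indexOf('=');
        if (eq < 3) {
            return false;               // require an explicit --name=value
        }
        String name = arg.substring(2, eq);
        String value = arg.substring(eq + 1);
        return ALLOWED_OPTIONS.contains(name) && SAFE_VALUE.matcher(value).matches();
    }

    public static void main(String[] args) {
        // Without filtering, any --key=value overrides the matching Spring property.
        SpringApplication.run(Application.class, sanitize(args));
    }
}
```

If the application needs no command-line options at all, calling `SpringApplication.run(Application.class)` without `args` is the simpler choice.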
