1

我有一个 mvc 应用程序,其中这一行存在低验证码缺陷

通过发送的数据暴露信息

 private WebResponse GetCreditCheckResponse(Uri uri)
    {
        WebResponse response = null;

        try
        {
            #region Logging
            LogManager.Info("Enter - " + "Accessing uri: " + uri);
            #endregion
            var request = (HttpWebRequest)WebRequest.Create(uri); //Veracode Flaw in this line

uri 的值为 "{ https://www.p6.experian.nl/cgi-bin/retrieve?PROCESSID=150&PREFIX=&INITIALS=B&SURNAME=Klomp&DATEOBIRTH=31031964&GENDER=&POSTALCODE=3846BN&HOUSENUM=22&HOUSEEXT=&PHONENUMBER=&FORMAT=XML&FULLSIZE=TRUE&HOUSEEXTIGNORE =TRUE&D-​​INDUSTRY_SEC=2&D-DATA_LEVEL=1&D-LIFE_CYCLE=1&D-VERSION_NUM=2 }"

有人可以帮我解决这个缺陷吗?

4

0 回答 0