...
This noncompliant code example shows an example where ...
| Code Block | ||
|---|---|---|
| ||
|
Compliant Solution
In this compliant solution, ...
| Code Block | ||
|---|---|---|
| ||
| ||
Risk Assessment
If non-serializable nonserializable objects are stored as attributes in an HTTP session then ...
Rule | Severity | Likelihood |
|---|
Detectable | Repairable | Priority | Level |
|---|---|---|---|
MSC08-J | Low | Probable | No |
No | P2 | L3 |
Automated Detection
TBD
Bibliography
| [ |
| Fortify 2014] | Fortify Diagnostic |
| HTTPSession J2EE Documentation [Note. This is a JavaEE 5 reference. I cannot find the corresponding API in Java 7.] |
...
...