fix: add missing remediation (#181)

Bearer · Nov 21, 2023 · 1198a6d · 1198a6d
1 parent 447febc
commit 1198a6d
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 4 deletions.
diff --git a/rules/ruby/rails/insecure_http_password.yml b/rules/ruby/rails/insecure_http_password.yml
@@ -8,7 +8,22 @@ languages:
 metadata:
   description: "Insecure HTTP Password."
   remediation_message: |
-    Coming soon
+    ## Description
+
+    Basic authentication restricts access to a web application by requiring users to provide a username and password.
+    Passwords should never be stored in plain text. We should use environment variables instead.
+
+    ## Remediations
+
+    ❌ If you have to use basic authentication, do not store the password in plain text but use an environment variable instead
+
+    ```ruby
+      http_basic_authenticate_with password: ENV["basic_auth_password"]
+    ```
+
+    ## Resources
+    - [Ruby on Rails HTTP Basic Authentication](https://guides.rubyonrails.org/action_controller_overview.html#http-basic-authentication)
+    - [OWASP hardcoded passwords](https://owasp.org/www-community/vulnerabilities/Use_of_hard-coded_password)
   id: ruby_rails_insecure_http_password
   cwe_id:
     - 798

diff --git a/rules/ruby/rails/open_redirect.yml b/rules/ruby/rails/open_redirect.yml
@@ -31,7 +31,32 @@ metadata:
   description: "Open redirect detected"
   remediation_message: |
     ## Description
-    A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
+
+    A redirect using unsanitized user input is bad practice and puts your application at greater risk of phishing attacks.
+
+    ## Remediations
+
+    ❌ Do not use unsanitized user input when constructing redirect URLs
+
+    ✅ Instead, ensure the input is validated by using a safe list or a mapping
+
+    ```ruby
+      transport_path = case params[:transport_type]
+        when "planes"
+          planes_path
+        when "trains"
+          trains_path
+        when "automobiles"
+          automobiles_path
+        default
+          root
+        end
+
+      redirect_to transport_path
+    ```
+
+    ## Resources
+    - [OWASP open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)
   cwe_id:
     - 601
   id: ruby_rails_open_redirect

diff --git a/tests/ruby/rails/insecure_http_password/__snapshots__/test.js.snap b/tests/ruby/rails/insecure_http_password/__snapshots__/test.js.snap
@@ -10,7 +10,7 @@ exports[`ruby_rails_insecure_http_password insecure_controller 1`] = `
       ],
       "id": "ruby_rails_insecure_http_password",
       "title": "Insecure HTTP Password.",
-      "description": "Coming soon\\n",
+      "description": "## Description\\n\\nBasic authentication restricts access to a web application by requiring users to provide a username and password.\\nPasswords should never be stored in plain text. We should use environment variables instead.\\n\\n## Remediations\\n\\n❌ If you have to use basic authentication, do not store the password in plain text but use an environment variable instead\\n\\n\`\`\`ruby\\n  http_basic_authenticate_with password: ENV[\\"basic_auth_password\\"]\\n\`\`\`\\n\\n## Resources\\n- [Ruby on Rails HTTP Basic Authentication](https://guides.rubyonrails.org/action_controller_overview.html#http-basic-authentication)\\n- [OWASP hardcoded passwords](https://owasp.org/www-community/vulnerabilities/Use_of_hard-coded_password)\\n",
       "documentation_url": "https://docs.bearer.com/reference/rules/ruby_rails_insecure_http_password",
       "line_number": 2,
       "full_filename": "/tmp/bearer-scan/insecure_controller.rb",

diff --git a/tests/ruby/rails/open_redirect/__snapshots__/test.js.snap b/tests/ruby/rails/open_redirect/__snapshots__/test.js.snap
@@ -9,7 +9,7 @@ exports[`ruby_rails_open_redirect insecure 1`] = `
       ],
       "id": "ruby_rails_open_redirect",
       "title": "Open redirect detected",
-      "description": "## Description\\nA web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.\\n",
+      "description": "## Description\\n\\nA redirect using unsanitized user input is bad practice and puts your application at greater risk of phishing attacks.\\n\\n## Remediations\\n\\n❌ Do not use unsanitized user input when constructing redirect URLs\\n\\n✅ Instead, ensure the input is validated by using a safe list or a mapping\\n\\n\`\`\`ruby\\n  transport_path = case params[:transport_type]\\n    when \\"planes\\"\\n      planes_path\\n    when \\"trains\\"\\n      trains_path\\n    when \\"automobiles\\"\\n      automobiles_path\\n    default\\n      root\\n    end\\n\\n  redirect_to transport_path\\n\`\`\`\\n\\n## Resources\\n- [OWASP open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)\\n",
       "documentation_url": "https://docs.bearer.com/reference/rules/ruby_rails_open_redirect",
       "line_number": 3,
       "full_filename": "/tmp/bearer-scan/insecure.rb",