Communication over HTTP
- Query id: d7dc9350-74bc-485b-8c85-fed22d276c43
- Query name: Communication over HTTP
- Platform: Ansible
- Severity: Medium
- Category: Insecure Configurations
- CWE: 319
- URL: Github
Description¶
Using HTTP URLs (without encryption) could lead to security vulnerabilities and risks
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - cfg file
[galaxy]
cache_dir=~/.ansible/galaxy_cache
ignore_certs=False
role_skeleton_ignore=^.git$, ^.*/.git_keep$
server=http://galaxy.ansible.com