function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
RupaliJRupaliJ 

Http Callouts Security scanning issue

Hi,

 

When we have submitted our org for security scanning to checkmarx, we got Http_callouts information query in report. I got this message for following code:

public boolean getEx() 
...
req.setEndpoint(URL);

 Please let me know why I am getting this message at setEndpoint line.

Thanks.

sfdcfoxsfdcfox
URL is probably flagged as tainted. This means that some part of URL might be derived from user input. It doesn't mean you'll fail the security review, just that you might have to explain what you're doing with URL.