Avoid Hard-coded or In-comment Passwords in Code

Problem

The Javascript rule "Avoid hard-coded or in-comment passwords in code" ( rule code OPT.JAVASCRIPT.PasswordInComments) searches for hard-coded passwords in source code.

This rule checks if there are comments in the code that contain expressions that match with a predefined regexp pattern, so it can lead to several false positives and/or false negatives.

Solution

This rule contains the parameter "passwordPattern" that you can edit to change the default pattern if you are finding too many false positives.

The default regexp pattern is :

Related articles

• Page:
  How to Export a Model and Import into another Kiuwan Account
• Page:
  How to Deactivate a Rule
• Page:
  Certificate is Valid but does not Belong to a Known Accepted Server
• Page:
  SSO - Form-based authentication fails
• Page:
  SSO - HTTP authentication fails