The rule improvement made in this release of the extension, will have a significant impact on any existing analysis results generated with a previous release of the extension. When re-analyzing existing and unchanged source code with this new extension, you should therefore expect grade and violation changes. When using AIP Console, if you do not want this extension to be used, you should ensure that you implement an extension strategy to prevent the automatic download and installation of the extension. If you are onboarding a new application, CAST actively encourages you to use this new release to take advantage of the improvements that have been implemented.
|Rule Id||New Rule||Details|
|1043046||FALSE||Avoid creating cookie with overly broad path (C#)|
|1043048||FALSE||Avoid having cookie with an overly broad domain (C#)|
|1043018||FALSE||Avoid storing passwords in the config files|
|1043044||FALSE||Ensure that CSRF Protection is enabled (ASP.NET MVC)|
|1043030||FALSE||Ensure the X-Frame-Options header is setup (ASP.NET)|