Page tree
Skip to end of metadata
Go to start of metadata



The rule improvement made in this release of the extension, will have a significant impact on any existing analysis results generated with a previous release of the extension. When re-analyzing existing and unchanged source code with this new extension, you should therefore expect grade and violation changes. When using AIP Console, if you do not want this extension to be used, you should ensure that you implement an extension strategy to prevent the automatic download and installation of the extension. If you are onboarding a new application, CAST actively encourages you to use this new release to take advantage of the improvements that have been implemented.


Rule IdNew RuleDetails
1043046FALSEAvoid creating cookie with overly broad path (C#)
1043048FALSEAvoid having cookie with an overly broad domain (C#)
1043018FALSEAvoid storing passwords in the config files
1043044FALSEEnsure that CSRF Protection is enabled (ASP.NET MVC)
1043030FALSEEnsure the X-Frame-Options header is setup (ASP.NET)
  • No labels