Missing https protocol detected.
- Rule ID: javascript_express_https_protocol_missing
- Languages: javascript
- Source: https_protocol_missing.yml
Description
Use HTTPS wherever possible. HTTPS uses the TLS (Transport Layer Security) protocol to encrypt communication, making it more secure than HTTP.
Remediations
✅ Use the https
module when calling createServer()
var https = require('https');
var express = require('express');
var app = express();
var httpsServer = https.createServer(app)
httpsServer.listen(8080);
Resources
Associated CWE
Configuration
To skip this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --skip-rule=javascript_express_https_protocol_missing
To run only this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --only-rule=javascript_express_https_protocol_missing
Ready to take the next step? Learn more about Bearer Cloud.