Dart Http Cleartext Sensitive Information
Description
This vulnerability detector identifies Dart applications that transmit sensitive information over unencrypted HTTP connections instead of secure HTTPS. This is a significant security risk because the data can be intercepted by attackers through man-in-the-middle attacks or network eavesdropping.
Detection Strategy
• Identifies function calls to HTTP methods from the dart:io http package that are known to transmit data (like POST, PUT, PATCH requests)
• Checks if these HTTP calls are made on HTTP client objects or through direct imported HTTP function calls
• Analyzes the request parameters, headers, or body content to determine if sensitive information is being transmitted
• Reports a vulnerability when an HTTP method call contains sensitive data but uses cleartext HTTP protocol instead of encrypted HTTPS
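As an added worked example (not Fluid Attacks' own detector code), the Python sketch below implements the string-literal form of this strategy over a constructed Dart snippet: it finds POST/PUT/PATCH calls, extracts their argument text, and flags those that pair a literal http:// URL with a sensitive field name. The sample source and the SENSITIVE_KEYS list are assumptions.

```python
import re

# Constructed Dart snippet (not from the original page): a cleartext POST with
# a password, the same call over HTTPS, and a cleartext POST with no secrets.
DART_SAMPLE = """import 'package:http/http.dart' as http;
Future<void> login() async {
  await http.post(Uri.parse('http://api.example.com/login'),
      body: {'password': 'secret123'});
}
Future<void> loginSecure() async {
  await http.post(Uri.parse('https://api.example.com/login'),
      body: {'password': 'secret123'});
}
Future<void> ping() async {
  await http.post(Uri.parse('http://api.example.com/ping'),
      body: {'client': 'mobile'});
}
"""

# Data-carrying methods of the http package (http.post, client.put, ...).
CALL_RE = re.compile(r"\b\w+\.(post|put|patch)\s*\(", re.IGNORECASE)
# Field names treated as sensitive (assumed list; a real detector uses a larger one).
SENSITIVE_KEYS = ("password", "passwd", "secret", "token", "api_key", "authorization")


def call_args(src, open_paren):
    """Return the text inside the parentheses of the call opening at src[open_paren]."""
    depth = 0
    for i in range(open_paren, len(src)):
        if src[i] == "(":
            depth += 1
        elif src[i] == ")":
            depth -= 1
            if depth == 0:
                return src[open_paren + 1:i]
    return src[open_paren + 1:]  # unbalanced source: take the rest


def find_cleartext_sensitive(src):
    """Return (line, method, keys) for each POST/PUT/PATCH whose arguments hold a
    literal http:// URL and a sensitive field name (string literals only)."""
    findings = []
    for m in CALL_RE.finditer(src):
        args = call_args(src, m.end() - 1)
        cleartext = re.search(r"""['"]http://""", args) is not None
        keys = [k for k in SENSITIVE_KEYS
                if re.search(r"""['"]%s['"]\s*:""" % k, args, re.IGNORECASE)]
        if cleartext and keys:
            line = src.count("\n", 0, m.start()) + 1
            findings.append((line, m.group(1).lower(), keys))
    return findings
```

URLs or bodies assembled at runtime are out of reach of this text-level check, which is why the HTTPS call and the non-sensitive cleartext call in the sample are not reported while the password POST is.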
Vulnerable code example
import 'package:http/http.dart' as http;

// VULNERABLE: sending password over unencrypted HTTP connection
Future<void> login() async {
  await http.post(Uri.parse('http://api.example.com/login'),
      body: {'password': 'secret123'});
}

✅ Secure code example
import 'package:http/http.dart' as http;

// SAFE: using HTTPS to encrypt password transmission
Future<void> login() async {
  await http.post(Uri.parse('https://api.example.com/login'), // Use HTTPS instead of HTTP
      body: {'password': 'secret123'});
}

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.