Dart Information Exposure In Query String

Description

Detects when sensitive information is potentially exposed through URL query strings in Dart HTTP requests. This vulnerability occurs when sensitive data like passwords, tokens, or personal information is included in query parameters, which can be logged in server access logs, browser history, or referrer headers.

Weakness:

030 - Sensitive information sent via URL parameters

Category: Information Collection

Detection Strategy

    Analyzes Dart source code for HTTP request patterns that may expose sensitive information in query strings

    Specifically checks for usage of the Dio HTTP library (package:dio) when constructing requests with query parameters

    Reports vulnerabilities when sensitive data appears to be transmitted via URL query parameters instead of in the request body or headers, which are not recorded in access logs, browser history, or referrer headers the way the URL is

    Triggers on code patterns where potentially sensitive information is being added to URL query strings in HTTP requests
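A minimal, regex-based version of this check, written in Python as an added illustration (it is not the scanner's own implementation): it only analyses Dart files that import Dio, flags sensitive-looking keys inside a queryParameters map or inside the query part of a URL literal, and leaves data sent in a POST body alone. The Dart snippet it scans is constructed for this example.

```python
import re

# Constructed Dart snippet for this example (not from the page): the first Dio
# call leaks a password via queryParameters, the second leaks a token in a
# string-built URL, and the third correctly sends credentials in the body.
DART_SAMPLE = """import 'package:dio/dio.dart';

Future<void> vulnerable1() async {
  final dio = Dio();
  await dio.get('https://api.example.com/login',
      queryParameters: {'user': user, 'password': passwordController.text});
}

Future<void> vulnerable2() async {
  final dio = Dio();
  await dio.get('https://api.example.com/reset?token=${resetToken}');
}

Future<void> fixed1() async {
  final dio = Dio();
  await dio.post('https://api.example.com/login',
      data: {'user': user, 'password': passwordController.text});
}
"""

# Key names that usually denote data which must never be placed in a URL.
SENSITIVE = r"(?:password|passwd|pwd|secret|token|api[_-]?key|ssn|credit[_-]?card)"
# Case 1: a sensitive key used inside a Dio queryParameters map literal.
QUERY_MAP = re.compile(r"queryParameters\s*:\s*\{(?P<body>[^}]*)\}")
MAP_KEY = re.compile(r"['\"](?P<key>[^'\"]*" + SENSITIVE + r"[^'\"]*)['\"]\s*:", re.I)
# Case 2: a sensitive key written directly into the query part of a URL literal.
URL_QUERY = re.compile(r"['\"][^'\"]*\?[^'\"]*?(?P<key>" + SENSITIVE + r")=", re.I)

def line_of(source: str, offset: int) -> int:
    """1-based line number of a character offset in the source."""
    return source.count("\n", 0, offset) + 1

def find_query_string_leaks(dart_source: str) -> list[tuple[int, str]]:
    """Return (line, key) for every sensitive-looking value sent via a URL query.
    Only Dart files that import Dio are analysed, mirroring the rule's scope."""
    if "package:dio/dio.dart" not in dart_source:
        return []
    findings = []
    for m in QUERY_MAP.finditer(dart_source):
        for k in MAP_KEY.finditer(m.group("body")):
            findings.append((line_of(dart_source, m.start("body") + k.start()), k.group("key")))
    for m in URL_QUERY.finditer(dart_source):
        findings.append((line_of(dart_source, m.start()), m.group("key")))
    return sorted(findings)
```

Running `find_query_string_leaks(DART_SAMPLE)` reports the password on line 6 and the token on line 11 of the snippet, and nothing for the POST body in fixed1.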

Vulnerable code example

import 'package:dio/dio.dart';
import 'package:flutter/material.dart';

final passwordController = TextEditingController();

// VULNERABLE: password exposed in URL query string
Future<void> vulnerable1() async {
  final dio = Dio();...

✅ Secure code example

import 'package:dio/dio.dart';
import 'package:flutter/material.dart';

final passwordController = TextEditingController();

// FIXED: Send credentials in POST body instead of URL query
Future<void> fixed1() async {
  final dio = Dio();...