Kotlin Accepts Any Mime Type
Description
Detects when Kotlin code sets request properties without properly restricting MIME types. This could allow an attacker to send malicious content using unexpected MIME types, potentially leading to security vulnerabilities like content injection or bypassing content restrictions.
Detection Strategy
• Look for method calls that use 'setRequestProperty' in the code
• Check if the request property configuration lacks proper MIME type restrictions
• Flag cases where the request can accept any MIME type without validation
• Report vulnerability when request properties are set without specific MIME type constraints
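The detection strategy above, worked through as a small static check in Python; this is an added example, not Fluid Attacks' own rule implementation. The Kotlin snippets it scans are constructed here, and treating an empty, `*/*` or `type/*` Accept value (or no Accept header at all) as "unrestricted" is this example's assumption about what the rule means by a MIME type restriction.

```python
import re

# Constructed Kotlin snippets (not from the original page) used as scanner input.
WILDCARD_ACCEPT = (
    'val conn = URL("https://api.example.com").openConnection() as HttpURLConnection\n'
    'conn.setRequestProperty("Accept", "application/json, */*")\n'
)
NO_ACCEPT = (
    'val conn = URL("https://api.example.com").openConnection() as HttpURLConnection\n'
    'conn.setRequestProperty("Authorization", "Bearer " + token)\n'
)
RESTRICTED = (
    'val conn = URL("https://api.example.com").openConnection() as HttpURLConnection\n'
    'conn.setRequestProperty("Accept", "application/json")\n'
)

# setRequestProperty("<header>", <value expression>) ; only string-literal values are judged
SET_PROP = re.compile(r'setRequestProperty\(\s*"([^"]+)"\s*,\s*(.+)\)')
LITERAL = re.compile(r'^"([^"]*)"$')

def accept_is_unrestricted(value: str) -> bool:
    """True when an Accept value admits any media type (handles lists and ';q=' params)."""
    if value.strip() == "":
        return True
    for token in value.split(","):
        media_type = token.split(";", 1)[0].strip()
        if media_type == "*/*" or media_type.endswith("/*"):
            return True
    return False

def find_unrestricted_mime(source: str) -> list:
    """Apply the detection strategy to Kotlin source text; returns (line_no, reason) findings."""
    findings = []
    first_call = None          # line of the first setRequestProperty call
    accept_restricted = False  # an Accept header with a concrete media type was seen
    for line_no, line in enumerate(source.splitlines(), start=1):
        m = SET_PROP.search(line)
        if not m:
            continue
        first_call = first_call or line_no
        header, expr = m.group(1).lower(), m.group(2).strip()
        if header != "accept":
            continue
        lit = LITERAL.match(expr)
        if lit is None:
            accept_restricted = True  # non-literal value: not judged statically, no finding
        elif accept_is_unrestricted(lit.group(1)):
            findings.append((line_no, "Accept header permits any MIME type: " + lit.group(1)))
        else:
            accept_restricted = True
    if first_call is not None and not accept_restricted and not findings:
        findings.append((first_call, "request properties set without an Accept restriction"))
    return findings
```

Values built at runtime (string concatenation, variables) are not evaluated, so they neither trigger nor suppress a finding; a real analyzer would need data-flow tracking for those.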
Vulnerable code example
import java.net.URL
import java.net.HttpURLConnection
val url = URL("https://api.example.com")
val conn = url.openConnection() as HttpURLConnection
conn.requestMethod = "GET"
// SECURITY ISSUE: Hardcoded credentials directly in source code...

✅ Secure code example
import java.net.URL
import java.net.HttpURLConnection
import java.util.Properties
// Load API credentials from external config file/environment
val properties = Properties()
properties.load(ClassLoader.getSystemResourceAsStream("config.properties"))
val apiToken = properties.getProperty("api.token") // Token stored in external config...