DefaultHttpClient with default constructor is not secure

Metadata

ID: java-security/default-http-client-def-cons

Language: Java

Severity: Notice

Category: Security

CWE: 326

Description

DefaultHttpClient with default constructor is not compatible with TLS 1.2. Make sure your HTTP client support advanced encryption protocols.

Learn more

Non-Compliant Code Examples

public Class {

    public void foobar(){
        HttpClient client = new DefaultHttpClient();
    }
}

Compliant Code Examples

public Class {

    public void foobar() {
        HttpClient client1 = HttpClients.createSystem();
        HttpClient client = HttpClientBuilder.create().useSystemProperties().build();
    }
}
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis

PREVIEWING: safchain/fix-custom-agent