Indeed, possible. That falls under the "Be more careful" option, however, the assumption of "CONSTANT VIGILANCE!" is the enemy of good security. Up until now, I have stuck with the constant vigilance approach, but it can get difficult. For instance, some systems save values/query parameters into some form of "global" request object/hash then pass that thing around. While that is a bad idea security-wise (for exactly this issue), it is not an uncommon approach and can be done in a reasonable way (meaning, I have seen at least one system that did this that was robust and not painful to work with).
So far, I think that an approach such as SecureString would be easier/safer in these situations, and probably also in more security-ideal situations. Of course, I've been mulling the idea around subconsciously for a while and I wrote the thing, so of course it looks like a good idea to me. I am not yet sure whether this type of approach falls in the "good idea" camp or the "gimmick that on the surface looks like a good idea, but falls down in practice or leads to bad practices or is just plain silly" camp.
| [reply] [Watch: Dir/Any] |