Articles

Author

vacuum

Installing

Quick Start

About vacuum

Why?

Concepts

💥 Online Demo

FAQ

Ignoring Violations

Changelog

Configuring

VSCode Plugin

CLI Commands

Lint

vacuum Report

Dashboard

HTML Report

Spectral Report

References

Version

Bundle Spec

Generate RuleSet

Language Server

Developer API

API Quick Start

Spec Index

RuleResultSet

Loading RuleSet

Custom Go Functions

Custom JS Functions

Non-OpenAPI Files

Functions

Core Functions

OpenAPI Functions

OWASP Functions

Rules

Examples

OWASP

Operations/Paths

Schemas

Spec Information

Validation

Descriptions

Tags

Security

RuleSets

What are they?

Sharing RuleSets

No Rules/Off

Recommended Rules

Custom RuleSets

OWASP Rules

GitHub

GitHub Repo stars

Discord

owaspNoBasicAuth

owaspCheckErrorResponse will check that no security schemes use Basic authentication.

Example ruleset configuration

my-security-rule:
  description: Make sure there is no Basic auth used in the API.
  type: validation
  given: $
  then:
    function: owaspNoBasicAuth

Used by the following rules:

owasp-no-http-basic