From 6e505dc26f8852bf28d5230c1eeea0de8461603b Mon Sep 17 00:00:00 2001 From: Tim van der Lippe Date: Thu, 22 Jan 2026 10:51:22 +0100 Subject: [PATCH] [DO NOT MERGE] Test preview van TLS voorstel --- sections/designRules.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/sections/designRules.md b/sections/designRules.md index 60c76cb..91422fe 100644 --- a/sections/designRules.md +++ b/sections/designRules.md @@ -746,9 +746,16 @@ Note: security controls for signing and encrypting of application level messages
Rationale
-

Even when using TLS connections, information in URIs is not secured. URIs can be cached and logged outside of the servers controlled by clients and servers. Any information contained in them should therefore be considered readable by anyone with access to the network (in the case of the internet, the whole world) and MUST NOT contain any sensitive information. This includes client secrets used for authentication, privacy sensitive information such as BSNs or any other information which should not be shared. +

When using TLS connections, the path and query information in URIs are secured just like the message headers and body. However, URIs can be cached and logged, as can headers and bodies in the following situations: +

+

For REST API's that are accessed directly from user devices, like web browsers, do not put client secrets used for authentication, privacy sensitive information or any other information which should not be shared in the URI. These are directly visible to users, are stored in the web browser's history and cache and can be bookmarked and sent to others.

Be aware that queries (anything after the '?' in a URI) are also part of a URI.

+

The term sensitive is deliberately left undefined in this document.