Comments - Host Info
Developers sometimes leave critical information in comments that can be used to breach the security of a site. For example, something as seemingly innocuous as a comment referencing the required order of fields in a table could potentially give an attacker a key piece of information needed to compromise the security of your site.
To view discovered comments:
-
Select Comments from the Host Info panel to list all URLs that contain comments.
-
Click a URL to view the comments it contains.
-
Double-click an entry to locate in the navigation pane the session that contains the comment. Focus switches to the Comments choice in the Session Info panel.
Use the Search feature at the top of the information pane to locate the text you specify. To conduct a search using regular expressions, select the Regex button before clicking Find.
You can copy comments to your clipboard by highlighting the text and selecting Copy from the shortcut menu.
If you double-click a URL, Fortify WebInspect highlights in the navigation pane the session that contains the URL.
See Also