Introduced in version: 1.3 (29 Jan 2020)
Dereferencing an empty object will result in an error. At best, such an exception will cause abrupt termination of the running microflow and an automatic rollback. At worst, it could allow an attacker to bypass security measures. This rule can be fixed by removing the dereference.
It is safe to dereference objects if:
- they are used in equality comparisons e.g.
$Entity/Attribute = empty
(but not in combination withnot
) - they are used in XPath constraint during retrieve e.g.
[Module.Associaiton < $Entity/Attribute]
- there is an additional safeguard for empty in the microflow expression e.g.
if $Entity/Attribute != empty then $Entity/Attribute+' years' else 'no data'
Non-compliant example:
Compliant example: