Studio

2021.10

false

Release Notes
- 2021.10.3
- 2021.10.4
- 2021.10.5
- 2021.10.6
- 2021.10.7
- 2021.10.8
- 2021.10.9
- 2021.10.10
Getting Started
- Introduction
- About Backward and Forward Compatibility
- The User Interface
- Keyboard Shortcuts
- Signing in to Your Account
- Configuring Studio Settings
- Project Templates
- Creating a Basic Process
- Creating a Basic Library
- Tutorials
Setup and Configuration
- Hardware and Software Requirements
- Install Studio
- Activate Studio
  - About Licensing
- Update Studio
- Command Line Parameters
- Supported Applications and Technologies
- Enabling Gmail for Email Activities
- Opting Out of Telemetry
Automation Projects
- About Automation Projects
- About Publishing Automation Projects
- About Libraries
  - Loading Web Services in Libraries
  - Activities Generated from Web Services
- Managing Activities Packages
- Configuring Activity Project Settings
- Signing Packages
- Governance
- Importing Entities
- Modern Design Experience
- Linking a Project to an Idea in Automation Hub
Dependencies
- About Dependencies
- Managing Dependencies
- Project Dependencies Mass Update
  - Mass Update Command Line Parameters
- Missing or Invalid Activities
Types of Workflows
- Sequences
- Flowcharts
- State Machines
- Global Exception Handler
File Comparison
- About File Comparison
- Comparing Files
Automation Best Practices
- Workflow Design
- UI Automation
- Project Organization
- Automation Lifecycle
Source Control Integration
- About Version Control
- Managing Projects With GIT
- Managing Projects With TFS
- Managing Projects With SVN
- Workflow Diff
Debugging
- About Debugging
The Diagnostic Tool
- About The Diagnostic Tool
Workflow Analyzer
- About Workflow Analyzer
- Naming Rules
- Design Best Practices
- Project Anatomy Rules
- Maintainability and Readability Rules
- Usage Rules
- Performance and Reusability Rules
  - ST-PRR-004 - Hardcoded Delay Activity
- Reliability Rules
  - ST-REL-006 - Infinite Loop
- Security Rules
  - ST-SEC-007 - SecureString Argument Usage
  - ST-SEC-008 - SecureString Variable Usage
  - ST-SEC-009 - SecureString Misusage
Variables
- Managing Variables
- The Variables Panel
- Types of Variables
- UiPath Proprietary Variables
Arguments
- Managing Arguments
- The Arguments Panel
- Using Arguments
Imported Namespaces
- About Imported Namespaces
- Managing Namespaces
Recording
- About Recording
- Recording Types
- Automatic Recording
- Example of Automatic Recording With Basic and Desktop
- Example of Automatic Recording With Web
- Manual Recording
UI Elements
- About UI Elements
- UI Activities Properties
- Input Methods
  - Chromium API
- Example of Using Input Methods
- Output or Screen Scraping Methods
- Examples of Using Output or Screen Scraping Methods
- Generating Tables From Unstructured Data
- Relative Scraping
Control Flow
- About Control Flow
- Control Flow Activities
Selectors
- About Selectors
- UI Explorer
- Selectors With Wildcards
- Full versus partial selectors
- Dynamic Selectors
- Fuzzy Search
- RegEx Search
- Non-Greedy Search
- Case-sensitive selectors
Object Repository
- About Object Repository
- Creating an Object Repository
- Reusing Objects and UI Libraries
Data Scraping
- About Data Scraping
- Example of Using Data Scraping
Image and Text Automation
- About Image and Text Automation
- Mouse and Keyboard Activities
- Example of Using Mouse and Keyboard Automation
- Text Activities
- Example of Using Text Automation
- OCR Activities
- Installing OCR Languages
  - Installing an OCR Engine and Changing the Language
- Image Activities
- Example of Using OCR and Image Automation
Automating Citrix Technologies
- About Automating Citrix Technologies
- Configuration Steps
- Example of Automating a Citrix App
- Known Issues and Limitations
RDP Automation
- Configuration Steps
- About Native RDP Automation
- How Native RDP Automation Works
- Example of RDP Automation
- Known Issues and Limitations
Salesforce Automation
- About Salesforce Automation
- Support for Salesforce Lightning Interface
SAP Automation
- SAP WinGUI
- SAP Fiori
  - About SAP Fiori Automation
  - Identifying SAP Fiori Elements
VMware Horizon Automation
- About VMware Horizon Automation
- Configuration Steps
Logging
- Studio Logs
- Setup Logs
- OCR Diagnostic Logs
- Logging Levels
- Types of Logs
- Protecting Sensitive Information
The ScreenScrapeJavaSupport Tool
- About the ScreenScrapeJavaSupport Tool
- Argument Descriptions for the ScreenScrapeJavaSupport Tool
The WebDriver Protocol
- About the WebDriver Protocol
- Configuration Steps
- Known Issues and Limitations
Test Suite - Studio
- Introduction
- Application Testing
  - Execution Templates
- Testing project templates
  - SAP Testing Project
- Test Cases
- Data-Driven Testing
- RPA Testing
- Test Case Templates
- Test Explorer
  - Test Results
  - Activity Coverage
- Mock Testing
- API Test Automation
Extensions
- About extensions
- SetupExtensions Tool
- UiPath Remote Runtime
- Extension for Chrome
  - Chrome Group Policies
  - Chrome Extension troubleshooting
- Extension for Microsoft Edge
  - Edge Group Policies
  - Microsoft Edge Extension Troubleshooting
- Extension for Firefox
  - Firefox Extension troubleshooting
- Extension for Java
  - Java Extension Troubleshooting
- Extension for Silverlight
- Extension for Citrix
  - Citrix Extension troubleshooting
- Extension for Microsoft Remote Desktop and Apps
  - Microsoft RemoteApp and Desktop troubleshooting
- Extension for VMware Horizon
- SAP Solution Manager Plugin
- Excel Add-in
Troubleshooting
- About Troubleshooting
- Microsoft App-V Support and Limitations
- Internet Explorer X64 Troubleshooting
- Microsoft Office Issues
- Identifying UI Elements in PDF With Accessibility Options
- Identifying UI Elements After Windows Updates
  - Solutions
- JxBrowser Applications Troubleshooting
- User Events Monitoring
- Citrix Troubleshooting

Banner background image

Studio User Guide

Last updated Apr 3, 2024

ST-SEC-008 - SecureString Variable Usage

Rule ID: ST-SEC-008

Scope: Workflow

Description

This rule checks the variable usage of SecureString type in the workflow.

Recommendation

After a SecureString is retrieved, it is recommended to be logged into applications with the help of Type Secure Text activity which sends a SecureString to a UI element, and Send Keys Secure activity for Terminals.

It is important for the credential to not be used for any purpose other than the intended one. Variables holding such secure strings should be defined at the narrowest scope possible.

Arguments should ideally not be used for passing credentials from one workflow to another. Read more about the SecureString class in the official Microsoft documentation.

Modifying the Rule

In the Project Settings window, select the Workflow Analyzer tab. Find the rule and select the rule, as in the image below:

By default, this rule checks for the Variable depth usage of 1. The maximum limit is 3. This means that the rule checks whether variables of SecureString type are defined in an activity found inside a layer of two container activities. For example, a SecureString type variable inside a Type Secure Text activity defined in a Do container, and all part of a Sequence.

To change the depth, simply type in another number smaller than or equal to 3 in this field.

Reset to Default

By default, the rule checks for one Variable depth usage. To return to the default value after modifications were made, simply right-click the rule and select Reset to default.

The Default action is also reset to its default value Error.

On this page

Description
Recommendation
Modifying the Rule
Reset to Default

Was this page helpful?

PREVIOUSST-SEC-007 - SecureString Argument Usage

NEXTST-SEC-009 - SecureString Misusage

Support and Services

Get The Help You Need

Learning RPA - Automation Courses

UiPath Community Forum

Trust and Security

© 2005-2024 UiPath. All rights reserved.