studio

2020.10

false

Release Notes
- 2020.10.2
- 2020.10.4
- 2020.10.6
- 2020.10.7
- 2020.10.8
- 2020.10.9
- 2020.10.10
- 2020.10.11
- 2020.10.12
- 2020.10.13
- 2020.10.14
- 2020.10.15
Getting Started
- Introduction
- The User Interface
- Keyboard Shortcuts
- Configuring Studio Settings
- Project Templates
- Creating a Basic Process
- Creating a Basic Library
- Tutorials
Setup and Configuration
- Hardware and Software Requirements
- Install Studio
  - Services Studio Connects To
- Activate Studio
  - About Licensing
- Update Studio
- Command Line Parameters
- Supported Applications and Technologies
- Enabling Gmail for Email Activities
- Opting Out of Telemetry
Automation Projects
- About Automation Projects
- About Publishing Automation Projects
  - Publishing Projects From Studio
  - Publishing Projects from the Command Line
- About Libraries
  - Loading Web Services in Libraries
- Managing activity packages
- Configuring Activity Project Settings
- Signing Packages
- Governance
- Importing Entities
- Modern Design Experience
Dependencies
- About Dependencies
- Managing Dependencies
- Project Dependencies Mass Update
  - Mass Update Command Line Parameters
- Missing or Invalid Activities
Types of Workflows
- Sequences
- Flowcharts
- State Machines
- Global Exception Handler
File Comparison
- About File Comparison
- Comparing Files
Automation Best Practices
- Workflow Design
- UI Automation
- Project Organization
- Automation Lifecycle
Source Control Integration
- About Version Control
- Managing Projects With GIT
- Managing Projects With TFS
- Managing Projects With SVN
- Workflow Diff
Debugging
- About Debugging
The Diagnostic Tool
- About The Diagnostic Tool
Workflow Analyzer
- About Workflow Analyzer
- Naming Rules
- Design Best Practices
- Project Anatomy Rules
- Maintainability and Readability Rules
- Usage Rules
- Performance and Reusability Rules
  - ST-PRR-004 - Hardcoded Delay Activity
- Reliability Rules
  - ST-REL-006 - Infinite Loop
- Security Rules
  - ST-SEC-007 - SecureString Argument Usage
  - ST-SEC-008 - SecureString Variable Usage
  - ST-SEC-009 - SecureString Misusage
Variables
- Managing Variables
- The Variables Panel
- Types of Variables
- UiPath Proprietary Variables
Arguments
- Managing Arguments
- The Arguments Panel
- Using Arguments
Imported Namespaces
- About Imported Namespaces
- Importing New Namespaces
Control Flow
- About Control Flow
- Control Flow Activities
Object Repository
- About Object Repository
- Creating an Object Repository
- Reusing Objects and UI Libraries
Logging
- Studio Logs
- Setup Logs
- OCR Diagnostic Logs
- Logging Levels
- Types of Logs
- Protecting Sensitive Information
The ScaleCoordinates Migration Tool
- Best Practices and Limitations
- Example of Using the ScaleCoordinates Migration Tool
The ScreenScrapeJavaSupport Tool
- About the ScreenScrapeJavaSupport Tool
- Argument Descriptions for the ScreenScrapeJavaSupport Tool
StudioPro
- Introduction
- Application Testing
- RPA Testing
- API Test Automation
- Mock Testing
Extensions
- About extensions
- SetupExtensions tool
- UiPath Remote Runtime
- Extension for Chrome
  - Group Policies
  - Troubleshooting
- Extension for Edge
  - Group Policies
  - Troubleshooting
- Extension for Firefox
  - Troubleshooting
- Extension for Java
  - Troubleshooting
- Extension for Silverlight
  - Troubleshooting
- Extension for Citrix
  - Automating Citrix Technologies
- Extension for Windows Remote Desktop
- Extension for VMware Horizon
- Extension for Microsoft Edge Legacy
  - Microsoft Edge Legacy Extension Troubleshooting
- SAP Solution Manager Plugin
- Excel Add-in
Troubleshooting
- Internet Explorer X64
- Microsoft Office Interop Issues
- Identifying UI Elements in PDF With Accessibility Options
- Identifying UI Elements After Windows Updates
- JxBrowser Applications
- User Events Monitoring
- Java in App-V
- Microsoft App-V Support and Limitations
- Citrix Troubleshooting

OUT OF SUPPORT

Studio User Guide

上次更新日期 2025年10月23日

ST-SEC-009 - SecureString Misusage

Rule ID: ST-SEC-009

Scope: Workflow

Description

This rule checks whether the SecureString type is misused in the workflow. This string type is used when avoiding to store potentially sensitive strings as plain text.

Recommendation

The SecureString type should not be used for any purpose other than the intended one. Therefore, attempting to cast SecureString to String may be viewed as a security risk.

According to the official Microsoft documentation, if a String object contains any sensitive information, it raises the risk of the data being revealed after it is used.

In addition, the scope of SecureString type variables should be very limited, ideally in the same scope where they were created.

在此页面上

Description
Recommendation

此页面有帮助吗？

前一个ST-SEC-008 - SecureString Variable Usage

下一个Managing Variables