ASVS Requirement 1.2.2

• Level: 1
• Chapter: V1 Encoding and Sanitization
• Section: V1.2 Injection Prevention
• Source: 0x10-V1-Encoding-and-Sanitization.md

Description

Verify that when dynamically building URLs, untrusted data is encoded according to its context (e.g., URL encoding or base64url encoding for query or path parameters). Ensure that only safe URL protocols are permitted (e.g., disallow javascript: or data:).