ASVS Requirement 1.3.4

• Level: 2
• Chapter: V1 Encoding and Sanitization
• Section: V1.3 Sanitization
• Source: 0x10-V1-Encoding-and-Sanitization.md

Description

Verify that user-supplied Scalable Vector Graphics (SVG) scriptable content is validated or sanitized to contain only tags and attributes (such as draw graphics) that are safe for the application, e.g., do not contain scripts and foreignObject.