ASVS Requirement 1.3.6

• Level: 2
• Chapter: V1 Encoding and Sanitization
• Section: V1.3 Sanitization
• Source: 0x10-V1-Encoding-and-Sanitization.md

Description

Verify that the application protects against Server-side Request Forgery (SSRF) attacks, by validating untrusted data against an allowlist of protocols, domains, paths and ports and sanitizing potentially dangerous characters before using the data to call another service.