ASVS Requirement 3.5.5

• Level: 2
• Chapter: V3 Web Frontend Security
• Section: V3.5 Browser Origin Separation
• Source: 0x12-V3-Web-Frontend-Security.md

Description

Verify that messages received by the postMessage interface are discarded if the origin of the message is not trusted, or if the syntax of the message is invalid.