ASVS Requirement 3.7.2

• Level: 2
• Chapter: V3 Web Frontend Security
• Section: V3.7 Other Browser Security Considerations
• Source: 0x12-V3-Web-Frontend-Security.md

Description

Verify that the application will only automatically redirect the user to a different hostname or domain (which is not controlled by the application) where the destination appears on an allowlist.