ASVS Requirement 5.4.1

• Level: 2
• Chapter: V5 File Handling
• Section: V5.4 File Download
• Source: 0x14-V5-File-Handling.md

Description

Verify that the application validates or ignores user-submitted filenames, including in a JSON, JSONP, or URL parameter and specifies a filename in the Content-Disposition header field in the response.