ASVS Requirement 8.3.1

• Level: 1
• Chapter: V8 Authorization
• Section: V8.3 Operation Level Authorization
• Source: 0x17-V8-Authorization.md

Description

Verify that the application enforces authorization rules at a trusted service layer and doesn't rely on controls that an untrusted consumer could manipulate, such as client-side JavaScript.