5252
5353##### SANITIZATION OF INPUT
5454- [ ] ` Sanitize ` all user inputs or any input parameters exposed to user to prevent [ XSS] ( https://en.wikipedia.org/wiki/Cross-site_scripting ) .
55- - [ ] ` Sanitize ` all user inputs or any input parameters exposed to user to prevent [ SQL Injection] ( https://en.wikipedia.org/wiki/SQL_injection ) .
55+ - [ ] Always use parameterized queries to prevent [ SQL Injection] ( https://en.wikipedia.org/wiki/SQL_injection ) .
5656- [ ] Sanitize user input if using it directly for functionalities like CSV import.
5757- [ ] ` Sanitize ` user input for special cases like robots.txt as profile names in case you are using a url pattern like coolcorp.io/username.
5858- [ ] Do not hand code or build JSON by string concatenation ever, no matter how small the object is. Use your language defined libraries or framework.
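Review bot: the new line 55 is the right fix (sanitizing input is not a dependable SQL injection defense, binding values is), but as written it leaves a gap for the case where the dynamic part of a query is not a value: table and column names and an ORDER BY direction cannot be passed as bind parameters, so the item should say those must be checked against an allow-list of known identifiers rather than concatenated into the query. Suggested wording: `- [ ] Always use parameterized queries to prevent [SQL Injection](https://en.wikipedia.org/wiki/SQL_injection); table and column names cannot be parameterized, so restrict them to an allow-list.` The same reasoning applies to the untouched XSS item on line 54, which still recommends sanitizing input where context-aware output encoding is the reliable control; that can be a follow-up change so this one stays minimal.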