Input Sanitization
Input sanitization is important to ensure that data entered by users does not contain malicious code.
eCatalog provides configuration to perform input sanitization.
There are two types of input sanitization:
- Sanitize input such as text fields, which accept data strings entered by the user.
- Sanitize the query string or parameters. The system can accept white-listed parameters or query strings.
In the event that sanitization detects a threat, the system can do either of the following:
- The system logs the threat error but still allows the user to continue.
- The system shows access denied and does not allow the user to continue.
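The two checks and the two responses described above, sketched as an added example (this is not eCatalog code, and eCatalog's real configuration keys are not shown on this page). The parameter whitelist, the detection pattern, the mode names and the function name are all assumptions made for illustration, as is treating a non-white-listed parameter as a threat.

```python
import logging
import re
from urllib.parse import parse_qsl

log = logging.getLogger("sanitizer")

# Hypothetical settings (constructed for this example).
ALLOWED_PARAMS = {"category", "page", "q"}      # white-listed query parameters
SUSPICIOUS = re.compile(r"<\s*script|javascript:|\bon\w+\s*=", re.IGNORECASE)
MODE_LOG_ONLY = "log"    # log the threat, let the user continue
MODE_DENY = "deny"       # log the threat, show access denied


def check_request(query_string, form_fields, mode):
    """Return (allowed, findings) for one request.

    query_string: raw query string, e.g. "category=books&page=2"
    form_fields:  dict of text-field name -> value entered by the user
    mode:         MODE_LOG_ONLY or MODE_DENY
    """
    findings = []

    # Type 2: query string / parameters are checked against the whitelist.
    for name, value in parse_qsl(query_string, keep_blank_values=True):
        if name not in ALLOWED_PARAMS:
            findings.append(f"parameter not white-listed: {name}")
        elif SUSPICIOUS.search(value):
            findings.append(f"suspicious value in parameter: {name}")

    # Type 1: free-text input fields are checked for markup/script content.
    for name, value in form_fields.items():
        if SUSPICIOUS.search(value):
            findings.append(f"suspicious content in field: {name}")

    # Both modes log every finding; only the outcome differs.
    for finding in findings:
        log.warning("sanitization threat: %s", finding)

    allowed = not findings or mode == MODE_LOG_ONLY
    return allowed, findings
```

Running in log-only mode first shows which legitimate parameters and inputs would be rejected before switching to the access-denied mode.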