Input sanitation is important to ensure that data entered by Users do not contain malicious code.

eCatalog provides configuration to perform input sanitation.





There are two types of input sanitation:

  1. Sanitize the input such as text fields which accepts data string entered by user.
  2. Sanitize the query string or parameters. System can accept white-listed parameter/query string.


In the events that sanitation detected threat, system can do either of this option:

  • System logs the threat error, however still allow user to continue
  • System show access denied, and does not allow user to continue