
Security

The module must follow all standard security best practices.

In particular, the following should be given special consideration:

  • Protect against XXE attacks

  • Always sanitize information from untrusted sources

  • When reading files from the local file system, make sure the module neither accesses secrets of the host environment nor allows path traversal

  • When possible, use CSRF tokens

  • When executing queries against a database, use the PreparedStatement class correctly to avoid SQL injection attacks