Young hacker smiling

We hack your software

zero false positives

Expert intelligence + Specialized technology
DXST - SAST - IAST - SCA - DevSecOps
White Box - Gray Box - Black Box
Attacking Web Applications, APIs, Mobile Apps
Client-Server, Servers, Networks, IoT Devices
ICS: Industrial Control System

REQ.043 Define explicit content type

This document contains the details of the security requirements related to the definition and management of files in the organization. This requirement establishes the importance of defining explicit content type and codification for all system files dynamically generated.

Requirement

All system files generated dynamically must have a Content-Type explicitly defined.

References

  1. OWASP-ASVS v3.1-5.21 Verify that unstructured data is sanitized to enforce generic safety measures such as allowed characters and length, and characters potentially harmful in given context should be escaped (e.g. natural names with Unicode or apostrophes, such as ねこ or O’Hara).


Service status - Terms of Use