Young hacker smiling

We hack your software

zero false positives

Expert intelligence + specialized technology

REQ.160 Encode system outputs

This document contains the details of the security requirements related to the definition and management of application source code the organization. This requirement establishes the importance of encoding system outputs in the corresponding language by using escaping.

Requirement

System information output must be encoded in the corresponding language (escaping).

References

  1. OWASP-ASVS v3.1-5.21 Verify that unstructured data is sanitized to enforce generic safety measures such as allowed characters and length, and characters potentially harmful in given context should be escaped (e.g. natural names with Unicode or apostrophes, such as ねこ or O’Hara).


Service status - Terms of Use