28,936
edits
Changes
m
→File:art.png Security Features
Line 74:
Line 74:
*Protection against SQL injection. Protected by an Internal WAF, and unit test to check database good practice for escapement. <sup>[*2]</sup>.
*Protection against SQL injection. Protected by an Internal WAF, and unit test to check database good practice for escapement. <sup>[*2]</sup>.
*Protection against XSS injection (Cross Site Scripting). Protected by an internal WAF and web page headers. <sup>[*1]</sup>.
*Protection against XSS injection (Cross Site Scripting). Protected by an internal WAF and web page headers. <sup>[*1]</sup>.
−*Protection against SSRF.
+*Protection against SSRF. All access to an URL uses the getURLContent() method into core/lib/geturl.lib.php that bring this protection.
*Protection against CSRF (Cross Site Request Forgery). Protected by an internal WAF and a token system. <sup>[*5]</sup>.
*Protection against CSRF (Cross Site Request Forgery). Protected by an internal WAF and a token system. <sup>[*5]</sup>.