There needs to be some validation on the server side beyond "it's a valid JSON document so let's store it." At a minimum we should:
- Check that the size of the response is reasonable (<1MB?) before attempting to interpret it.
- Check that none of the identification fields are empty.
- Check that the email address is valid.
- Check that at least one asset has been submitted.
- Check that all assets are not missing required fields.
We should be safe in terms of JSON parsing as the default Python configuration will stick to its conversion table and not perform magic with deserialising objects.
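One way the five checks listed above could be implemented, as an added example that is not code from this issue or from the project. The field names (`name`, `email`, `organisation`, `assets`, `serial`, `type`) are hypothetical, and the email pattern is a deliberately simple syntactic check, not a full address validator.

```python
import json
import re

MAX_BODY_BYTES = 1_000_000                     # the "<1MB?" ceiling from the issue
ID_FIELDS = ("name", "email", "organisation")  # hypothetical field names
ASSET_REQUIRED = ("serial", "type")            # hypothetical field names
# Assumption: one "@", no whitespace, a dot in the domain part.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def validate_submission(raw):
    """Validate a raw request body (bytes). Returns (document, errors)."""
    # Size gate runs on the raw bytes, before the parser sees them.
    if len(raw) > MAX_BODY_BYTES:
        return None, ["body exceeds size limit"]
    try:
        # Default decoder only produces dict/list/str/int/float/bool/None.
        doc = json.loads(raw)
    except (ValueError, RecursionError):  # bad JSON, bad UTF-8, deep nesting
        return None, ["body is not valid JSON"]
    if not isinstance(doc, dict):
        return None, ["top-level value must be an object"]

    errors = []
    # Identification fields must be strings with non-whitespace content.
    for field in ID_FIELDS:
        value = doc.get(field)
        if not isinstance(value, str) or not value.strip():
            errors.append(f"identification field '{field}' is empty")
    email = doc.get("email")
    if isinstance(email, str) and email.strip() and not EMAIL_RE.match(email.strip()):
        errors.append("email address is not valid")
    # At least one asset, and every asset carries its required fields.
    assets = doc.get("assets")
    if not isinstance(assets, list) or not assets:
        errors.append("no assets submitted")
        assets = []
    for i, asset in enumerate(assets):
        if not isinstance(asset, dict):
            errors.append(f"asset {i} is not an object")
            continue
        missing = [k for k in ASSET_REQUIRED if asset.get(k) in (None, "")]
        if missing:
            errors.append(f"asset {i} missing: {', '.join(missing)}")
    return (None, errors) if errors else (doc, [])
```

The function collects every field-level error rather than stopping at the first, so a client can be told everything wrong with a submission in one response.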