Filtering special characters in the names of HTTP Access Tokens

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Access Keys
    • None
    • 0
    • 1

      HTTP Access Tokens should not accept names with special characters, such as:
      < > " ' % ; { } & +
      as these characters may be used to attempt an injection of JavaScript code.
      The length of the Token's name also needs to be checked.

      It would prevent the risk of this input field being used for attempting Cross-Site Scripting (XSS), or other exploits.

              Assignee:
              Unassigned
              Reporter:
              Marek Suchecki (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: