rspec/rules/S5144/common/fix/how-does-this-work.adoc

=== How does this work?

The application should avoid opening URLs that are constructed with untrusted data.

When such a feature is strictly necessary, SSRF can be mitigated by applying
an allow-list of trustable schemes and domains.
[APPSEC-90] Modify rule S5144: Educational content (#1205) 2022-09-01 17:36:53 +02:00			`=== How does this work?`

Modify rule S5144[Python]: Change text to the education framework format (APPSEC-285) (#1401) 2022-11-23 17:38:23 +01:00			`The application should avoid opening URLs that are constructed with untrusted data.`
[APPSEC-90] Modify rule S5144: Educational content (#1205) 2022-09-01 17:36:53 +02:00
Modify rule S5144[Python]: Change text to the education framework format (APPSEC-285) (#1401) 2022-11-23 17:38:23 +01:00			`When such a feature is strictly necessary, SSRF can be mitigated by applying`
			`an allow-list of trustable schemes and domains.`