7 lines
235 B
Plaintext
7 lines
235 B
Plaintext
=== How does this work?
|
|
|
|
The application should avoid opening URLs that are constructed with untrusted data.
|
|
|
|
When such a feature is strictly necessary, SSRF can be mitigated by applying
|
|
an allow-list of trustable schemes and domains.
|