From 49db1ef0ea9ae1ae4048fac4126865472473c736 Mon Sep 17 00:00:00 2001 From: sickwiz Date: Fri, 11 Dec 2020 21:13:30 +0530 Subject: [PATCH] Fixed a small spelling mistake in Application security section-> pt 5. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9a68ddd..4b716fc 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ At SquareBoat, we take mobile and web security seriously. Though we do understan 2. CSRF tokens are a must for all form submissions and AJAX requests. 3. Admin login page and user login pages must be separate. The admin login page must have a captcha. 4. Send an email to the user whenever his password has changed -5. Uploaded files must be scanned for virused and malware +5. Uploaded files must be scanned for viruses and malware 6. Prevent or restrict the uploading of any file that may be interpreted by the web server. 7. Validate uploaded files are the expected type by checking file headers. Checking for file type by extension alone is not sufficient. 8. Validate your redirects - Do not allow the user to supply (parts of) the URL to be redirected to.
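Review bot: The corrected item 5 (`+5. Uploaded files must be scanned for viruses and malware`) still ends without a period, and so does the unchanged item 4 directly above it, while items 2, 3, 6 and 7 in the same list end with one. Since this commit is a copy-edit of that list, add the missing periods to items 4 and 5 in the same change. Item 4 also reads "whenever his password has changed"; "their password" would cover every user. The spelling correction itself, "virused" to "viruses", is right.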