Kingdom: Input Validation and Representation

Input validation and representation problems are caused by metacharacters, alternate encodings and numeric representations. Security problems result from trusting input. The issues include: "Buffer Overflows," "Cross-Site Scripting" attacks, "SQL Injection," and many others.

Missing Form Field Constraints

Abstract
The application does not constrain the form data.
Explanation
The application fails to define limits and constraints for the type of data received from a web form. It is a good practice to define a set of constraints, such as the maximum and minimum length, which the received data needs to meet.


Example 1: The following code defines a form but fails to define the data constraints:


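import play.api.data._
import play.api.data.Forms._

// No constraints: "name" accepts text of any length, "age" accepts any integer
def form = Form(
  mapping(
    "name" -> text,
    "age" -> number
  )(UserData.apply)(UserData.unapply)
)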
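
The same form with constraints declared, as an added example that is not part of the original page: it binds a few constructed submissions and prints which ones are rejected. The length and range limits, the character allow-list, the error key `error.name.charset`, and the `UserData` and `UserForms` definitions are assumptions made for illustration.

```scala
import play.api.data._
import play.api.data.Forms._
import play.api.data.validation.Constraints._

// Assumed shape of the page's UserData type
case class UserData(name: String, age: Int)

object UserForms {
  // Limits are illustrative; derive real ones from the application's data model.
  val form: Form[UserData] = Form(
    mapping(
      // Reject empty input, cap the length, and allow only letters,
      // spaces and a few punctuation characters (full-string match).
      "name" -> nonEmptyText(maxLength = 64)
        .verifying(pattern("""[\p{L} .'-]+""".r, error = "error.name.charset")),
      // Bound the numeric range so out-of-range values fail binding.
      "age" -> number(min = 0, max = 150)
    )(UserData.apply)(UserData.unapply)
  )

  // Constructed sample submissions, not taken from any real application
  val samples: Seq[Map[String, String]] = Seq(
    Map("name" -> "Alice", "age" -> "30"),       // accepted
    Map("name" -> "", "age" -> "30"),            // empty name
    Map("name" -> ("A" * 500), "age" -> "30"),   // name too long
    Map("name" -> "Bob", "age" -> "-5"),         // age below minimum
    Map("name" -> "<script>", "age" -> "abc")    // bad characters, non-numeric age
  )

  // Returns the field keys that failed validation for one submission.
  def rejectedFields(data: Map[String, String]): Seq[String] =
    form.bind(data).errors.map(_.key).distinct

  def main(args: Array[String]): Unit =
    samples.foreach { data =>
      form.bind(data).fold(
        bad => println("rejected: " +
          bad.errors.map(e => s"${e.key} -> ${e.message}").mkString(", ")),
        ok => println(s"accepted: $ok")
      )
    }
}
```

Constraints declared in the mapping are enforced server-side at bind time, so they apply regardless of any checks done in the browser.
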
desc.structural.scala.missing_form_field_constraints