Section
3.3.4
Top Level
Sub Level
General
Any forwards generated by your site should only be allowed to target specific locations. Ensure that any forward destination is to an authorized location.
Java
Any forwards generated by your site should only be allowed to target specific locations. Ensure that any forward destination is an authorized location. Check all RequestDispatcher.forward(request, response);