Section
9.1.3
Top Level
Sub Level
General
Before authentication, the application should allocate only the minimum amount of resources needed to complete the authentication request.
Java
Avoid using readLine(). All forms of the readLine method in Readers and InputStreams are susceptible to a denial of service attack resulting in an OutOfMemoryError, as they keep reading until they encounter a carriage return or line feed. Use read() with a size limit instead.
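One way to apply the size-limited read() advice, as an added example that is not part of the original guideline. The class name, the method name and the 1024-character cap are assumptions chosen for illustration.

```java
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;

public class BoundedLineReader {
    // Assumed cap for one pre-authentication line; tune it to the protocol.
    static final int MAX_LINE_CHARS = 1024;

    /**
     * Reads one line using read() and refuses to consume more than maxChars
     * characters before a line feed. Returns null at end of stream.
     * Wrap socket streams in a BufferedReader and call this method on it
     * (not its readLine()) to keep per-character reads cheap.
     */
    static String readLineBounded(Reader in, int maxChars) throws IOException {
        StringBuilder sb = new StringBuilder(Math.min(maxChars, 128));
        int consumed = 0;
        int c;
        while ((c = in.read()) != -1) {
            // Count every character, including CR, so the cap bounds total work.
            if (++consumed > maxChars) {
                throw new IOException("line exceeds " + maxChars + " characters");
            }
            if (c == '\n') {
                return sb.toString();
            }
            if (c != '\r') { // tolerate CRLF line endings
                sb.append((char) c);
            }
        }
        // End of stream: return what was read, or null if nothing was.
        return consumed == 0 ? null : sb.toString();
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample input: a normal line, then an oversized line
        // with no terminator (String.repeat needs Java 11 or later).
        Reader ok = new StringReader("USER alice\r\n");
        System.out.println("accepted: " + readLineBounded(ok, MAX_LINE_CHARS));

        Reader oversized = new StringReader("A".repeat(10_000));
        try {
            readLineBounded(oversized, MAX_LINE_CHARS);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

After a rejection the caller should close the connection rather than try to resynchronise on the remaining input.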
Natural Webagent
This is handled by EID authentication.