|
<< Click to Display Table of Contents >> Navigation: Classes > TIWSecurityOptions > Properties > EncodeSanitizedIdentifiers |
SIGNATURE=IWServerControllerBase.TIWSecurityOptions.EncodeSanitizedIdentifiers
ETYPE=Property
Declaration:
Delphi: |
published property EncodeSanitizedIdentifiers: Boolean; |
C++: |
__published: __property bool EncodeSanitizedIdentifiers; |
Description: Some penetration test tools (e.g. https://www.zaproxy.org) reports any partial match in the result error message (which is wrong, anyway...) as a security issue (CWE-94) This option gives the users the option to encode the identifier as a Base64 string which will prevent any false positives but stil preserve the traceability