Security

I have a question on what is already done regarding form security?

Did you include client-side and the server-side form validation?

Or do you use a PHP built-in function to sanitize the input?

I saw that you use htmlspecialchars() to sanitize output to protect against XSS. And also a nonce to identify the form.

I am asking to ensure we offer no insecure website to our clients using this plugin. If needed we could also support you with that.

• This topic was modified 2 years, 9 months ago by lphoffmann.