Skip to main content

Hitachi ID certification

Product Sites

Web Form Input Protection

Web Form Input Protection The Hitachi ID Identity and Access Management Suite web user portal is implemented using the standard common gateway interface (CGI) mechanism, available on all web servers. CGI programs are exclusively responsible for accepting user input and displaying web pages. As such, the CGI programs may be attacked so need to incorporate strong protections.

All Hitachi ID Identity and Access Management Suite CGI programs use a standard string library to validate all inputs and protect against buffer overflow, SQL injection, cross site scripting and similar attacks. This is done by checking maximum input lengths, filtering out special characters and HTML codes, checking for valid formatting and value ranges, etc.

page top page top