...
IDS00-J. Always validate user input
IDS01-J. Sanitize before processing or storing user input
IDS02-J. Validate strings after performing normalization
IDS03-J. Do not delete non-character code points
IDS04-J. Properly encode or escape output
IDS05-J. Library methods should validate their parameters
IDS06-J. Prevent OS Command Injection
...
IDS09-J. Prevent XPath Injection
IDS10-J. Prevent XML external entity attacks
IDS11-J. Prevent against LDAP injection
IDS12-J. Prevent against code injection
IDS13-J. Account for supplementary and combining characters in globalized code
IDS14-J. Perform lossless conversion of String to given encoding and back
IDS15-J. Prefer using URIs to URLs
IDS16-J. Do not use locale dependent methods on locale insensitive data
IDS17-J. Understand how escape characters are interpreted when String literals are compiled
Risk Assessment Summary
Recommendations
...