Statement

The implementation of technologies to prescreen inputs prior to passing to interpreters prevents the content from being unintentionally interpreted as commands. Input validation helps to ensure accurate and correct inputs and prevent attacks such as cross-site scripting and a variety of injection attacks.

Applicability

This Control applies to all West Texas A&M network information resources. The intended audience for this Control includes all information resource owners, custodians, and users of information resources.

Implementation

• Information resource owners or custodians shall implement technological methods to check he validity of information inputs by:
  
  • Checking the valid syntax and semantics of system inputs (e.g., character set, length, numerical range, and acceptable values).
  • Prescreen and validate inputs before passing to interpreters to prevent the content from being unintentionally interpreted as commands.