Cornucopia - Ecommerce Website - AZ 2

Suit: Authorization

Card/Value: 2

Description:
Tim can influence where data is sent or forwarded to.

Technical Note:
Users must not be able to define unauthorised virtual locations/addresses such as:
 * Database table names.
 * File system paths.
 * Alert SMS or email messages.
 * URL paths.

All such properties must be defined by the ecommerce application itself, or drawn from a valid list of locations permitted for the user and their role.

References:
« Previous Card | Authorization | Next Card »