1 Reply Latest reply on Apr 9, 2012 8:41 AM by Jeff_Coatsworth

    Robohelp 9 security holes when creating webhelp


      How can I assure a customer that the *webhelp* that I am producing with RoboHelp 9 does not have security holes related to:

      • Cross site scripting: persistent, non-persistent, and DOM-based.
      • Cross site framing: does the webhelp prevent itself from running within a frame.
      • Is SQL injection a possible problem?
      • Buffer overflow.
      • Session management.  Require that authenticated users have a secure association with their session.
      • Access control.
      • Input validation.
      • Output encoding/escaping.

      Generally, what processes are in place to ensure that RoboHelp webhelp is free from security vulnerabilities?  Is this certified somehow?