V51, Add requirements about user consent

OWASP / ASVS

Application Security Verification Standard

Creative Commons Attribution Share Alike 4.0 International

2.76k stars 671 forks source link

Closed randomstuff closed 1 day ago

randomstuff commented 2 days ago

Relates to #2120.

randomstuff commented 2 days ago

The location of "Verify that the user can review, modify and revoke granted consents at any time." is questionnable.

elarlang commented 1 day ago

I think proposed requirement 4.2.6 requires more brain-work and it is not PR ready. I prefer to have this discussion in a (separate?) issue.

I can go with other 2, note that I made changes to one of them.