Mobile App Profile 1.6.2.1 : Verification L1.1 is L2 level requirement

appdefensealliance / ASA-WG

3 stars 6 forks source link

Closed zka-nord closed 2 months ago

zka-nord commented 3 months ago

If JS is disabled as in L1.1 then nothing else is needed and this should already qualify as passing the L2 level of security.

Output from semgrep rules shall demonstrate JavaScript is disabled.

zka-nord commented 3 months ago

The same applies to iOS 2.5.2.1

elidermang commented 2 months ago

Addressed in the recent commit.