アクセスいただきありがとうございます。こちらのページは現在英語のみのご用意となっております。順次日本語化を進めてまいりますので、ご理解のほどよろしくお願いいたします。

Code Injection

A code injection attack happens when an attacker changes the value of an input or a parameter in a way that causes unexpected behavior in a website (such as a Login with Amazon client). A code injection attack is possible when a website does not validate incoming data before acting on it.

Login with Amazon client websites should validate data coming from the authorization service , especially the state parameter, before acting on it. Login with Amazon clients should also validate customer profile data if they use it programmatically.