Direct Web Access Security
We are currently developing an application which utilises the OOTB Direct Web Access functionality. From a security perspective I understand that a once only identifier is generated and this is authenticated and also the external assignment must be static page. However is there any online documentation providing information regarding built in security validation of the form to avoid SQL injection attacks or other similar malicious activities?