We are updating the Sandbox test environments to ensure that development and testing activities meet the same security requirements that are in place for Production. This tighter environment consistency will significantly help reduce the odds of finding security related issues in Production.On Thursday, December 17, ACME will update the Web Application Firewall, powered by CloudFlare, for our Sandbox sites to match the Production setting, specifically enabling OWASP10 for B2C API endpoints.
This security measure is in place in Production to prevent unauthorized activity from passing potentially malicious scripts into ACME, as well as to block other potential application layer attacks. (Please note: Scripted tags are not blocked in B2B calls, as ACME has other security methods in place to ensure that calls made to the b2b endpoints are from trusted sources.)
Chief Technology Officer / Co-Founder