An outside testing company performing black box testing against a new application determines that it is possible to enter any characters into the application’s webbased form. Which of the following controls should the application developers use to prevent this from occurring?

A.
CSRF prevention

B.
Sandboxing

C.
Fuzzing

D.
Input validation