From 35c88d2a92e9ff966dce02562ee8851d46d10d15 Mon Sep 17 00:00:00 2001 From: tcme Date: Sat, 2 Sep 2017 14:44:18 +0200 Subject: [PATCH] Check the API Security Checklist Project (#91) - https://github.com/wearehive/project-guidelines/issues/74 - https://github.com/shieldfy/API-Security-Checklist --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d0cdc0f..e1cca16 100644 --- a/README.md +++ b/README.md @@ -713,6 +713,7 @@ These are some basic security best practices: _Why:_ > For instance, accepting the `application/x-www-form-urlencoded` mime type allows the attacker to create a form and trigger a simple POST request. The server should never assume the Content-Type. A lack of Content-Type header or an unexpected Content-Type header should result in the server rejecting the content with a `4XX` response. +* Check the API Security Checklist Project. [read more...](https://github.com/shieldfy/API-Security-Checklist) ### 9.3 API documentation
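Review bot: The added bullet `* Check the API Security Checklist Project.` at the end of the security best-practices list has no `_Why:_` rationale, unlike the Content-Type item directly above it, and "Check" does not tell the reader what action is expected. Suggest wording it as a concrete practice (for example, reviewing the API against the checklist before release) and adding a `_Why:_` line in the same style as the neighbouring items. The link also targets the root of an external repository rather than a fixed revision, so the content a reader lands on can change over time; linking to a specific commit or tag would make the reference stable. The link text `read more...` could name the target project instead, so the bullet still makes sense when the list is skimmed.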