课程: Advanced Python: Build Hands-On Projects with Design Patterns (2023)
今天就开通帐号,24,700 门业界名师课程任您挑!
Intercepting Validator pattern - Python教程
课程: Advanced Python: Build Hands-On Projects with Design Patterns (2023)
Intercepting Validator pattern
- [Instructor] Many cybersecurity attacks exploit software system's dependence on user inputs. In fact, this is often the weakest link in our defense against cyber criminals. Some of the most famous hacking techniques include SQL injection and cross-site scripting. Both SQL injection and cross-site scripting take advantage of the absence of a mechanism to check user inputs before using them for further processing. In the case of SQL injection, malicious users append additional database commands to a user input, intended to be raw data like username, as shown here. Cross-site scripting attempts to execute a piece of code by entering it into a text field as you can see here. The key to preventing both SQL injection and cross-site scripting is adding a step in your code to validate if a user input contains any suspicious keywords. In our SQL injection example, the word or is highly suspicious because it's rare for…
随堂练习,边学边练
下载课堂讲义。学练结合,紧跟进度,轻松巩固知识。
下载课程离线学习
下载课程到移动设备,轻松离线学习。在领英学习 iOS 或安卓版 APP 下载课程