课程: Programming Foundations: Web Security

今天就学习课程吧!

今天就开通帐号,24,600 门业界名师课程任您挑!

Validate input

Validate input

课程: Programming Foundations: Web Security

开始一个月试用 购买团队方案

Validate input

- Validating input is an important technique to ensure that only good data is allowed into your web application. As we just saw, regulating requests provides a first line of defense by examining the envelope around the data being sent to our servers. If the envelope passes inspection, then the data that's inside the envelope should be inspected next. Watching this data coming through well-known public pathways is one of the first steps to secure any website. Most hackers don't use secret back doors or unexpected zero day exploits. More often, they use the standard data inputs, but then send in malicious data. Data validation determines if the data being received as input is acceptable. This means you need to establish criteria to separate good data from bad data. What are your expectations for the data? What should be considered acceptable data? What should be considered unacceptable data? The answers to these…

内容