all InfoSec news
Web Security 101 - Part 2: User Input
Nov. 30, 2022, 11:17 p.m. | Abbey Perini
DEV Community dev.to
Never trust anything a user puts into your app.
- Listing
- Input Validation
- Encoding
- Sanitization
- XSS
- SQL Injection
- Command Injection
- Client-Side Authorization
Listing
Cybersecurity has multiple types of listing.
- Whitelisting is making a list of values that are allowed. For example, a CORS policy that only allows requests from a list of certain sites.
- Blacklisting is making a list of values that aren't allowed. For example, blocking a number on your phone.
- Allowlisting is making a list of trusted files, applications, …
beginners input programming security security 101 web webdev web security
More from dev.to / DEV Community
Jobs in InfoSec / Cybersecurity
Information Security Engineer (Vienna) - (m/f/d)
@ Sportradar | Wien, Poland
DevSecOps Engineer - U.S. Citizenship Required
@ Ardent MC | Remote
Head of AML, Regulatory and Compliance
@ Delivery Hero | Athens, Greece
Cybersecurity professional Mid-Senior level
@ Ethics Code | El Salvador - Remote
Senior Information Security Specialist
@ TRISTAR | 1801 Liberty Drive, Bloomington, IN, USA
SOC Analyst Level 2
@ Inbox Business Technologies | Islamabad, Islamabad Capital Territory, Pakistan