all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Web Security 101 - Part 2: User Input

Add to bookmarks
Nov. 30, 2022, 11:17 p.m. | Abbey Perini

DEV Community dev.to

Never trust anything a user puts into your app.



  1. Listing

  2. Input Validation

  3. Encoding

  4. Sanitization

  5. XSS

  6. SQL Injection

  7. Command Injection

  8. Client-Side Authorization





Listing


Cybersecurity has multiple types of listing.



  • Whitelisting is making a list of values that are allowed. For example, a CORS policy that only allows requests from a list of certain sites.

  • Blacklisting is making a list of values that aren't allowed. For example, blocking a number on your phone.

  • Allowlisting is making a list of trusted files, applications, …

beginners input programming security security 101 web webdev web security

Visit resource

More from dev.to / DEV Community

A Journey into Unseen Threats on our VM 3 hours ago | dev.to
access addresses author blog +18
Security news weekly round-up - 10 May 2024 6 hours ago | dev.to
articles artificial artificial intelligence can +20
Attenzione borseggiatrici! How I tested my way to avoid getting pickpocketed in my travels so … 6 hours ago | dev.to
course europe far information +7
[TryHackMe][CTF] GoldenEye 8 hours ago | dev.to
apache ctf dovecot http +17
Streamlined Guide: Setting Up SSH and GPG Keys on GitHub 10 hours ago | dev.to
code commit devops github +17
Securing the Cloud #28 10 hours ago | dev.to
aws blog career career development +23
Demo: Minder, a software supply chain security platform from Stacklok 11 hours ago | dev.to
automated automated remediation catch code +21
Intrusion Detection System (IDS) Vs Intrusion Prevention System (IPS) 14 hours ago | dev.to
critical cyber cyber threats demands +23
Voxel51 Filtered Views Newsletter - May 10, 2024 15 hours ago | dev.to
ai author computer computer vision +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Engineer (Vienna) - (m/f/d)

@ Sportradar | Wien, Poland
View on infosec-jobs.com

DevSecOps Engineer - U.S. Citizenship Required

@ Ardent MC | Remote
View on infosec-jobs.com

Head of AML, Regulatory and Compliance

@ Delivery Hero | Athens, Greece
View on infosec-jobs.com

Cybersecurity professional Mid-Senior level

@ Ethics Code | El Salvador - Remote
View on infosec-jobs.com

Senior Information Security Specialist

@ TRISTAR | 1801 Liberty Drive, Bloomington, IN, USA
View on infosec-jobs.com

SOC Analyst Level 2

@ Inbox Business Technologies | Islamabad, Islamabad Capital Territory, Pakistan
View on infosec-jobs.com
View more jobs