From the course: Ten Security Tips for Developers
Validate and sanitize
- [Instructor] The most immediate and most obvious incursion point for any digital app is an input field, typically a form of some sort. Here's an example. A standard form on a website asks a visitor to enter their personal details: name, email address, website, and so on. What could possibly go wrong? Enter XSS, short for cross-site scripting. This is when someone sends a script request to a website and attempts to execute that script even though it doesn't belong on the site. The classic example is sending a URI containing some inline JavaScript to trigger an alert, like this. If this URI is stored in a database and then later displayed as is on the front end of a site, it will trigger an alert box showing up reading "hacked". Which is not great. Now, an unprompted alert like this is alarming, but relatively innocuous. Now imagine if instead of merely sending an alert the script executes some complex function to do something…
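As an added example that is not part of the course, the following Node.js snippet shows the stored-XSS scenario the instructor describes and the two defences the lesson title names: validating the "website" field before it is stored and escaping every stored value before it is written into HTML. The profile record, the `escapeHtml`, `validateWebsite`, `renderUnsafe` and `renderSafe` functions are all assumptions made for this illustration, not code from the course.

```javascript
// Added example (not from the course). Demonstrates why a value read back from
// the database must be escaped before it is placed into an HTML page, and why
// a URL field should be validated before it is accepted at all.

// Map of the five characters that can change the meaning of HTML text or
// attribute values, with their entity encodings.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Escape a value so the browser renders it as literal text, never as markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Validate a "website" field at submission time: it must parse as a URL and
// use http or https. Anything else (for example a javascript: scheme) is
// rejected by returning null, so it is never stored.
function validateWebsite(value) {
  let url;
  try {
    url = new URL(String(value));
  } catch {
    return null;
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    return null;
  }
  return url.href;
}

// Constructed sample record, standing in for a row that a form handler stored
// without any validation and that the front end later reads back.
const storedProfile = {
  name: 'Sam <script>alert("hacked")</script>',
  email: 'sam@example.com',
  website: 'javascript:alert("hacked")',
};

// The vulnerable pattern: stored values interpolated "as is" into the page.
// The script tag in the name field becomes real markup in the output.
function renderUnsafe(profile) {
  return `<p>${profile.name}</p><a href="${profile.website}">site</a>`;
}

// The hardened pattern: every value is escaped on output, and the website is
// only linked if it passes validation.
function renderSafe(profile) {
  const site = validateWebsite(profile.website);
  const link = site
    ? `<a href="${escapeHtml(site)}">site</a>`
    : '<span>(no valid website)</span>';
  return `<p>${escapeHtml(profile.name)}</p>${link}`;
}

console.log('unsafe:', renderUnsafe(storedProfile));
console.log('safe:  ', renderSafe(storedProfile));

module.exports = { escapeHtml, validateWebsite, renderUnsafe, renderSafe, storedProfile };
```

Escaping on output is the part that stops the alert box: the stored text still contains the script tag, but the browser receives `&lt;script&gt;` and shows it as text. Validation of the URL field is a separate check done on input, because a `javascript:` link survives HTML escaping unchanged and would still execute when clicked.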