whitelist input validation

In learningYour users may be excellent, and most users may use the application exactly as expected. However, as long as the opportunity to enter is provided, there is a high likelihood of very bad input. As an application developer, you must prevent

Filter input Filtering is the foundation of Web application security. It is the process of verifying the legitimacy of your data. By confirming that all data is filtered at input, you can avoid contaminated (unfiltered) data being into trusting and

1. domain-driven security Domain-driven security is a code design approach. The idea is to transform an implicit concept into a display, an object-oriented approach, which is an abstraction of a concept into a class in which the properties of a

Seven habits of writing a secure PHP application Improve the security of your WEB application Security in PHP applications includes remote security and local security. This article will reveal the habits that PHP developers should develop when

At the beginning of the holiday, I took the time to see "White hat Speaking web security", Wu Hanqing basically all the Web security can be encountered problems, solutions summed up very clearly, but also i this time the cornerstone of the overall

This article is a translated version of the XSS defense Checklist Https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_SheetIntroductionThis article describes a simple positive pattern that properly uses output transcoding

Security in PHP applications includes remote security and local security. This article will reveal the habits that PHP developers should develop when implementing WEB applications with these two security types.When it comes to security issues, be

The document did last year, supposedly should be updated, not well written, some did not write the whole, referring to a lot of documents. Say Owasp Codereview, also should out 2.0. The cows were passing by, giving some advice. Directory 1.

1. ForewordWhile Web application is becoming richer, the Web server is becoming the main target for its powerful computing ability, processing performance and high value. SQL injection, Web tampering, Web page hanging Horse and other security

Scenario (scenario) and verification Rules (rule) in Yii2, yii2scenario Preface A scenario, as its name implies, is a scene. There are also scenarios in yii2, which are similar to what you understand. Systems that interact with users are essential