From the course: Python: Advanced Design Patterns (2018)


Case study: Intercepting validator


- (narrator) Many cyber security attacks exploit a software system's dependence on user inputs. In fact, this is often the weakest link in our defense against cyber criminals. Some of the most famous hacking techniques include SQL injection and cross-site scripting. Both SQL injection and cross-site scripting take advantage of the absence of a mechanism to check user inputs before using them for further processing. In the case of SQL injection, malicious users append additional database commands to a user input, intended to be raw data like "user name" as shown here. Cross-site scripting attempts to execute a piece of code by entering it into a text field, as you can see here. The key to preventing both SQL injection and cross-site scripting is adding a step in your code to validate if a user input contains any suspicious keywords. In our SQL injection example, "or" is highly suspicious because it is rare for somebody's user name to contain "or." If a programmer is well-informed about…
