From the course: Advanced Python: Build Hands-On Projects with Design Patterns (2023)
Join today to access over 25,300 courses taught by industry experts.
Intercepting Validator pattern - Python Tutorial
From the course: Advanced Python: Build Hands-On Projects with Design Patterns (2023)
Intercepting Validator pattern
- [Instructor] Many cybersecurity attacks exploit software system's dependence on user inputs. In fact, this is often the weakest link in our defense against cyber criminals. Some of the most famous hacking techniques include SQL injection and cross-site scripting. Both SQL injection and cross-site scripting take advantage of the absence of a mechanism to check user inputs before using them for further processing. In the case of SQL injection, malicious users append additional database commands to a user input, intended to be raw data like username, as shown here. Cross-site scripting attempts to execute a piece of code by entering it into a text field as you can see here. The key to preventing both SQL injection and cross-site scripting is adding a step in your code to validate if a user input contains any suspicious keywords. In our SQL injection example, the word or is highly suspicious because it's rare for…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.