Syllabus Point
- Design, develop and implement code using defensive data input handling practices, including input validation, sanitisation and error handling
Never trust user input. Implement multiple layers of defence including client-side validation for user experience and server-side validation for security. Sanitise input to remove or neutralise potentially harmful content, and implement comprehensive error handling that doesn't expose sensitive information.
Input Validation
Input validation is a process of verifying that the user input meets a system's expected format and constraints before being processed.
Examples
- Email address format is valid
- Password meets required complexity
- Numeric values fall in certain range
It helps to prevent malformed data from entering the system, and can block attacks like SQL injection, buffer overflows and illegal access to system functions.
Good practices
- Validating on both the client and server sides
- Using built-in validation libraries
- Always assume user input is malicious
- Whitelist validation - define rules for what valid data is and reject anything that doesn't conform, instead of checking for bad data (blacklisting)
Types of input validation
Client side validation
- Happens in the user's browser using JavaScript
- Provides immediate feedback to users
- Shouldn't be relied on for security because it is easily bypassed
Server side validation
- Checking and validating user input on the server after it has been submitted
- Checks data integrity and conformity to formats and constraints
Sanitisation
The process of cleaning and filtering user input to prevent malicious data from being processed by the application. It's important for preventing Cross-Site Scripting and SQL injection attacks.
Key aspects
- Removing unwanted characters
- Validating user input
- Ensuring special characters are treated as literals instead of executable code (eg converting < to <)
- White listing
Input validation vs input sanitisation
Input validation is to ensure user input is correct, expected and useful, by checking against a defined criteria. Input sanitisation is to clean user input to prevent it from being harmful or malicious, by modifying or removing potentially dangerous characters or content to make sure input is safe to process.
Error Handling
An application should handle errors without revealing sensitive information to users, while detailed logs should be maintained to help developers troubleshoot issues. Only information that's necessary for debugging should be logged (never log sensitive data). When an error occurs, sensitive information shouldn't be shown to the user (use generic error messages).
Secure error handling
Error handling involves managing errors and exceptions in a way that doesn't expose sensitive information or create security vulnerabilities.
Key principles
- Do not expose sensitive information like file paths, database queries or server configurations
- Differentiate between user and developer error messages - developer-facing errors can provide more detail, but should only be logged internally or displayed in development environments, not production
- The system should be designed to handle errors efficiently, making sure that an error doesn't cause the application to crash
- Errors should be logged securely, and protected from unauthorised access
- Using try-except blocks
- Implementing safe measures if an application fails - eg if a payment fails, the system shouldn't charge the user or leave the transaction in an uncertain state
Types of errors
Syntax errors
Errors in the code structure that prevent the program from running.
Runtime errors
Occur during program execution, caused by invalid inputs, missing resources or failed external connections.
Logical errors
Program runs without crashing, but produces incorrect results due to flawed logic.
Related Resources
Keep Progressing
Use the lesson navigation below to move through the module sequence.
