LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Programming Foundations: Web Security

Unlock the full course today

Join today to access over 24,700 courses taught by industry experts.

Validate input

Validate input

From the course: Programming Foundations: Web Security

Start my 1-month free trial Buy for my team

Validate input

“

- Validating input is an important technique to ensure that only good data is allowed into your web application. As we just saw, regulating requests provides a first line of defense by examining the envelope around the data being sent to our servers. If the envelope passes inspection, then the data that's inside the envelope should be inspected next. Watching this data coming through well-known public pathways is one of the first steps to secure any website. Most hackers don't use secret back doors or unexpected zero day exploits. More often, they use the standard data inputs, but then send in malicious data. Data validation determines if the data being received as input is acceptable. This means you need to establish criteria to separate good data from bad data. What are your expectations for the data? What should be considered acceptable data? What should be considered unacceptable data? The answers to these…

Contents