This content originally appeared on DEV Community and was authored by Volker Schukai
The Log4j debacle has once again brought into focus an old mantra of web development:
Trust no one!
As a developer, you are responsible for the data you retrieve from various sources, especially data that comes from a context you can't control.
This applies first of all to data coming through the Web API, but also to data coming from a database or from the file system.
But if the data ....
No!
All data must be validated, and you must make sure that these inputs are not malicious. You also never know what will happen to the data later (see Log4j).
Therefore: Validate your data!
Volker Schukai | Sciencx (2021-12-19T19:11:20+00:00) trust no one. Retrieved from https://www.scien.cx/2021/12/19/trust-no-one/