Difference between revisions of "Codereview-Input Validation"
Line 7: | Line 7: | ||
===Business Validation=== | ===Business Validation=== | ||
===Canonicalization=== | ===Canonicalization=== | ||
+ | Canonicalization is the process by which various equivalent forms of a name can be resolved to a single standard name, or the "canonical" name. |
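Review bot: the sentence added under ===Canonicalization=== defines the term but does not connect it to input validation, which is the subject of this page; consider following it with a sentence stating that input should be reduced to its canonical form before validation checks are applied. The ===Business Validation=== heading directly above is still followed by no text in this revision.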
Revision as of 10:46, 4 July 2008
OWASP Code Review Guide Table of Contents
Introduction
Input validation is one of the most effective technical controls in application security. It can mitigate numerous vulnerabilities (but not all). Input validation is more than checking form field values; the chapter on transactional analysis discusses this.
Data Validation
Business Validation
Canonicalization
Canonicalization is the process by which various equivalent forms of a name can be resolved to a single standard name, or the "canonical" name.
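
The following is an added example, not code from the OWASP guide: it resolves several equivalent spellings of a file name to one canonical path and applies validation to that canonical form, with a raw-string check shown for contrast. The base directory, function names and sample inputs are assumptions made for the illustration.

```python
import posixpath
from urllib.parse import unquote

BASE_DIR = "/var/app/uploads"  # assumed base directory for this example

def canonicalize(name: str, max_rounds: int = 5) -> str:
    """Resolve every equivalent spelling of a name to one canonical path."""
    for _ in range(max_rounds):          # decode until stable: %252F -> %2F -> /
        decoded = unquote(name)
        if decoded == name:
            break
        name = decoded
    else:
        raise ValueError("too many layers of encoding")
    if "\x00" in name:
        raise ValueError("NUL byte in name")
    name = name.replace("\\", "/")       # treat both separators alike
    # Lexical resolution of ".", ".." and "//"; symbolic links are not followed
    # (on a real filesystem os.path.realpath would be used for that).
    return posixpath.normpath(posixpath.join(BASE_DIR, name))

def validate(name: str) -> str:
    """Canonicalize first, then validate the canonical form."""
    canonical = canonicalize(name)
    if not canonical.startswith(BASE_DIR + "/"):
        raise ValueError(f"outside {BASE_DIR}: {canonical}")
    return canonical

def raw_check(name: str) -> bool:
    """Weak check for contrast: inspects the raw string, not the canonical form."""
    return ".." not in name and not name.startswith("/")

# Constructed sample inputs: seven spellings of the same name.
EQUIVALENT_FORMS = [
    "reports/q1.txt", "reports/./q1.txt", "reports//q1.txt",
    "reports/x/../q1.txt", "reports%2Fq1.txt", "reports%252Fq1.txt",
    "reports\\q1.txt",
]
# Constructed sample inputs whose canonical form lies outside BASE_DIR.
OUTSIDE_FORMS = ["../config.ini", "%2e%2e/config.ini", "%252e%252e%252fconfig.ini"]

if __name__ == "__main__":
    for form in EQUIVALENT_FORMS:
        print(f"{form!r:28} -> {validate(form)}")
    for form in OUTSIDE_FORMS:
        print(f"{form!r:28} raw_check={raw_check(form)} canonical={canonicalize(form)}")
```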