This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:Input Validation"

From OWASP
Jump to: navigation, search
 
(Reverting to last version not containing links to www.texttrocelt.com)
 
(12 intermediate revisions by 6 users not shown)
Line 1: Line 1:
[[Category:Technology]]
+
==Description==
 +
 
 +
Input validation refers to the process of validating all the input to an application before using it. Input validation is absolutely critical to application security, and most application risks involve tainted input at some level.
 +
 
 +
Many applications do not plan input validation, and leave it up to the individual developers. This is a recipe for disaster, as different developers will certainly all choose a different approach, and many will simply leave it out in the pursuit of more interesting development.
 +
 
 +
See [[Data_Validation]] for more.
 +
 
 +
==Related Threats==
 +
 
 +
==Related Attacks==
 +
 
 +
==Related Vulnerabilities==
 +
 
 +
==Related Countermeasures==

Latest revision as of 18:27, 27 May 2009

Description

Input validation refers to the process of validating all the input to an application before using it. Input validation is absolutely critical to application security, and most application risks involve tainted input at some level.

Many applications do not plan input validation, and leave it up to the individual developers. This is a recipe for disaster, as different developers will certainly all choose a different approach, and many will simply leave it out in the pursuit of more interesting development.

See Data_Validation for more.

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures

Pages in category "Input Validation"

The following 4 pages are in this category, out of 4 total.