Secure Mobile Development
首页 白天 夜间 下载 阅读记录
  • 书签 我的书签
  • 添加书签 添加书签 移除书签 移除书签
编辑文档

Validate Input From Client

来源 1 浏览 655 扫码 打印 2019-04-27 17:33:02

    Validate Input From Client

    As with proper web application security, all input from the client should be must be treated as untrusted. Services must thoroughly filter and validate input from the app and user. Proper sanitization includes all user input before transmitting and during receipt.

    • iOS
      https://developer.apple.com/library/ios/documentation/uikit/reference/UITextFieldDelegate_Protocol/UITextFieldDelegate/UITextFieldDelegate.html
    • CWE 79, , 120
    上一篇:
    下一篇:
    • 书签
    • 添加书签 移除书签
    • Android
      • Sign Android APKs
      • Avoid GUI Objects Caching
      • Avoid Intent Sniffing
      • Avoid Storing Cached Camera Images
      • Check Activities
      • Implement Content Providers Carefully
      • Implement File Permissions Carefully
      • Implement Intents Carefully
      • Implement PendingIntents Carefully
      • Protect Application Services
      • 7.13 Request Android permissions carefully
      • 7.14 Set the “usesCleartextTraffic” flag to false
      • Use Broadcasts Carefully
      • Follow WebView Best Practices
    • Caching and Logging
      • Avoid Caching App Data
      • Avoid Crash Logs
      • Be Aware of Copy and Paste
      • Be Aware of the Keyboard Cache
      • Carefully Manage Debug Logs
      • Limit Caching of Username
    • Coding Practices
      • Implement Anti-tamper Techniques
      • Avoid Query String for Sensitive Data
      • Avoid Simple Logic
      • Increase Code Complexity and Use Obfuscation
      • 2.8 Use caution in deserializing untrusted data
      • Securely Store Sensitive Data in RAM
      • Test Third-Party libraries
      • Understand Secure Deletion of Data
    • iOS
      • Avoid Cached Application Snapshots
      • Avoid Caching HTTP(S) Requests/Responses
      • 6.7 Declare Intended Use of Protected Data Classes
      • Implement App Transport Security (ATS)
      • Implement Protections Against Buffer Overflow Attacks
      • Implement Touch ID Properly
      • Use the Keychain Carefully
    • Mobile Security Primer
    • Secure Mobile Development
    • Handling Sensitive Data
      • Avoid Storing App Data in Backups
      • Fully validate SSL/TLS
      • Hide Account Numbers and Use Tokens
      • Implement Enhanced/Two-Factor Authentication
      • Implement Secure Data Storage
      • Implement Secure Network Transmission Of Sensitive Data
      • Institute Local Session Timeout
      • Limit Use of UUID
      • Protect Against SSL Downgrade Attacks
      • Protect Application Settings
      • Treat Geolocation Data Carefully
      • Use SECURE Setting For Cookies
      • Validate Input From Client
    • Servers
      • Protect and Perform Penetration Testing of Web Services
      • Protect Internal Resources
      • Properly Configure Server-side SSL
      • Implement Proper Web Server Configuration
      • Use Proper Session Management
    • Webviews
      • Prevent Framing and Clickjacking
      • Protect against CSRF with form tokens
    暂无相关搜索结果!

      本文档使用 全库网 构建

      展开/收起文章目录

      思维导图备注

      文章二维码

      手机扫一扫,轻松掌上读

      文档下载

      请下载您需要的格式的文档,随时随地,享受汲取知识的乐趣!
      PDF文档 EPUB文档 MOBI文档

      书签列表

        阅读记录

        阅读进度: 0.00% ( 0/0 ) 重置阅读进度