This document discusses secure software development. It covers validating all inputs to prevent XSS and SQL injection attacks, failing securely when errors occur, sanitizing output to remove dangerous characters, avoiding direct object references, and using prepared statements for databases. It also recommends separating behaviors into classes, wrapping primitives, defining domains and boundaries, adding tests for security rules, and designing with default deny and least privilege in mind. The overall message is that security requires quality code, clear concepts, and enforcing rules rather than relying on obscurity.
10. Errors (example)
Registration ----
Name:
tom
Utilisateur existant
Connection ---
Name:
tom
Password:
pouce
Mot de passe invalide
Films:
1) Harry Potter and the
Philosopher's Stone
...
Selection:
10
Le VHS 10 a été trouvé 0 fois
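The transcript above tells the caller which check failed at each step: the name is already taken, the password (not the name) is wrong, and the selection 10 was looked up and matched 0 items. The same login and selection steps written to fail securely, as an added Java example that is not part of the slides (the `FailSecurely` class, its in-memory user map and the film list are constructed for this example; the SHA-256 credential store stands in for a proper slow salted hash):

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.Optional;

// Added example, not the slides' code: every failure path produces the same
// generic message, so the caller cannot learn which check failed.
public class FailSecurely {

    // Constructed sample data: username -> SHA-256 of the password. SHA-256 is
    // used only to keep the example dependency-free; a real store uses a slow,
    // salted hash (bcrypt, scrypt, Argon2).
    private static final Map<String, byte[]> USERS = Map.of(
        "tom", sha256("constructed-example-password")
    );
    // Hash compared against when the user is unknown, so both failure paths do
    // the same amount of work and take about the same time.
    private static final byte[] DUMMY = sha256("dummy-never-a-real-password");

    private static final String[] FILMS = {
        "Harry Potter and the Philosopher's Stone",
        "The Matrix"
    };

    static final String GENERIC_LOGIN_ERROR = "Invalid username or password";
    static final String GENERIC_SELECTION_ERROR = "Invalid selection";

    /** True only if the user exists AND the password matches; one message otherwise. */
    static boolean login(String username, String password) {
        byte[] stored = USERS.get(username);
        boolean userKnown = stored != null;
        // MessageDigest.isEqual is a constant-time comparison.
        boolean passwordOk = MessageDigest.isEqual(sha256(password), userKnown ? stored : DUMMY);
        return userKnown && passwordOk;
    }

    /** Returns the selected film, or empty for any invalid input (non-numeric or out of range). */
    static Optional<String> select(String rawSelection) {
        int index;
        try {
            index = Integer.parseInt(rawSelection == null ? "" : rawSelection.trim());
        } catch (NumberFormatException e) {
            return Optional.empty(); // non-numeric input: same outcome as out of range
        }
        if (index < 1 || index > FILMS.length) {
            return Optional.empty(); // do not echo the index or a match count
        }
        return Optional.of(FILMS[index - 1]);
    }

    private static byte[] sha256(String s) {
        try {
            return MessageDigest.getInstance("SHA-256").digest(s.getBytes(StandardCharsets.UTF_8));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e); // SHA-256 is mandatory in every JRE
        }
    }

    public static void main(String[] args) {
        System.out.println(login("tom", "pouce") ? "Welcome" : GENERIC_LOGIN_ERROR);    // wrong password
        System.out.println(login("nobody", "pouce") ? "Welcome" : GENERIC_LOGIN_ERROR); // unknown user: identical output
        System.out.println(select("10").orElse(GENERIC_SELECTION_ERROR));              // out of range, as in the transcript
        System.out.println(select("abc").orElse(GENERIC_SELECTION_ERROR));             // malformed input: same message
        System.out.println(select("1").orElse(GENERIC_SELECTION_ERROR));               // valid selection
    }
}
```

The two login failures print identical text and run the same hash comparison, so neither the message nor the response time reveals whether "tom" exists; the selection step validates the index against the list the user was actually shown instead of reporting what a lookup found.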
17. Rule #1 : Validate all inputs
// read username
if (!username.matches("<un format>")) {
    // reject the input outright; IllegalArgumentException is the idiomatic
    // Java exception for this (java.lang.Error is reserved for JVM failures)
    throw new IllegalArgumentException("invalid username");
}
// do something with username

// read username
// do something with username
29. Hey ...
- Why not testing that we correctly enforce those requirements?
- Why not trying to reduce our code to the minimum?
- Why not keeping track of those exchanges?
Any idea?
41. Hey, wait!
Who is absolutely sure that the code always complies with those rules?
42. Step 1 : make implicit concept explicit
class User {
    final String username;
}
String username
43. Step 2 : ensure compliance with rules… ALWAYS
class User {
    final Username username;
    final Password password;
}
class Username {
    // Validation control here!
    // Immutability ⇒ checking state at creation/modification
}
44. Step 2 : Let's continue with...
1) Extract behaviors into separate classes
2) Wrap primitives into meaningful classes
3) Combine them into entities
4) Ensure
   a) Immutability
   b) Consistency
5) Define domains and trusted boundaries
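Rule #1 (validate all inputs) and steps 1 to 5 above applied to the `User` example, as an added Java example that is not the slides' code: the primitives `String` and `char[]` are wrapped in `Username` and `Password`, each constructor enforces its rule and the fields are final, `User` combines them, and `register` is the trusted boundary where untrusted text is parsed exactly once. The username format, the password length limits and the `main` self-checks are assumptions made for this example.

```java
import java.util.Objects;
import java.util.regex.Pattern;

// Added example, not the slides' code. An instance that exists is an instance
// that complies: the rule is checked at creation and the state cannot change.
public class UserDomain {

    /** Step 2: wrap the primitive. The allowed format is an assumption for this example. */
    public static final class Username {
        private static final Pattern FORMAT = Pattern.compile("[a-z][a-z0-9_]{2,15}");
        private final String value;

        public Username(String raw) {
            Objects.requireNonNull(raw, "username");
            if (!FORMAT.matcher(raw).matches()) {
                // Fail closed: no object is created from an invalid input.
                throw new IllegalArgumentException("username does not match the allowed format");
            }
            this.value = raw;
        }

        public String value() { return value; }

        @Override public boolean equals(Object o) {
            return o instanceof Username && ((Username) o).value.equals(value);
        }
        @Override public int hashCode() { return value.hashCode(); }
        @Override public String toString() { return value; }
    }

    /** Step 2 again: the password is a secret, so it is never exposed via toString. */
    public static final class Password {
        private static final int MIN_LENGTH = 12, MAX_LENGTH = 128; // assumed policy
        private final char[] secret;

        public Password(char[] raw) {
            Objects.requireNonNull(raw, "password");
            if (raw.length < MIN_LENGTH || raw.length > MAX_LENGTH) {
                throw new IllegalArgumentException("password length out of range");
            }
            this.secret = raw.clone(); // private copy; the caller may wipe its own array
        }

        public int length() { return secret.length; }

        @Override public String toString() { return "Password[****]"; } // never leaks into logs
    }

    /** Step 3: the entity combines the value objects; their types carry the consistency guarantee. */
    public static final class User {
        private final Username username;
        private final Password password;

        public User(Username username, Password password) {
            this.username = Objects.requireNonNull(username);
            this.password = Objects.requireNonNull(password);
        }

        public Username username() { return username; }
    }

    /** Step 5: the trusted boundary. Raw text is parsed here, once; the domain only ever sees typed values. */
    public static User register(String rawName, char[] rawPassword) {
        return new User(new Username(rawName), new Password(rawPassword));
    }

    // Slide 29's point: tests that the rules are actually enforced.
    public static void main(String[] args) {
        User tom = register("tom", "constructed-example-password".toCharArray());
        if (!tom.username().equals(new Username("tom"))) throw new AssertionError("value equality");
        expectRejected(() -> new Username("<script>alert(1)</script>"));
        expectRejected(() -> new Username("tom'; DROP TABLE users;--"));
        expectRejected(() -> new Username(""));
        expectRejected(() -> new Password("short".toCharArray()));
        System.out.println("all rules enforced; " + tom.username() + " registered");
    }

    private static void expectRejected(Runnable action) {
        try {
            action.run();
        } catch (IllegalArgumentException expected) {
            return; // the rule held
        }
        throw new AssertionError("invalid input was accepted");
    }
}
```

Because `User` can only be built from a `Username` and a `Password`, any code that receives a `User` knows both rules already held; the `if (!username.matches(...))` check from Rule #1 exists in exactly one place instead of wherever someone remembered to add it.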
64. Remember, even the most secure design is rendered by a low-quality and insecure implementation, regardless of the number of security features the product employs