Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Enterprise Application Development with Python

You're reading from   Hands-On Enterprise Application Development with Python Design data-intensive Application with Python 3

Arrow left icon
Product type Paperback
Published in Dec 2018
Publisher Packt
ISBN-13 9781789532364
Length 374 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Saurabh Badhwar Saurabh Badhwar
Author Profile Icon Saurabh Badhwar
Saurabh Badhwar
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Using Python for Enterprise 2. Design Patterns – Making a Choice FREE CHAPTER 3. Building for Large-Scale Database Operations 4. Dealing with Concurrency 5. Building for Large-Scale Request Handling 6. Example – Building BugZot 7. Building Optimized Frontends 8. Writing Testable Code 9. Profiling Applications for Performance 10. Securing Your Application 11. Taking the Microservices Approach 12. Testing and Tracing in Microservices 13. Going Serverless 14. Deploying to the Cloud 15. Enterprise Application Integration and its Patterns 16. Microservices and Enterprise Application Integration 17. Assessment 18. Other Books You May Enjoy

Security anti-patterns


It's time for us to understand what kind of practices usually land the application in the vulnerability zone of security breaches. There could be a number of things that can cause the application to suffer from security issues,as we move through this section we will take a look at some of the mistakes that usually leaves an application vulnerable to security breaches. So, let's go through them one by one.

Not filtering user input

As an application developer, we want our users to trust our application. That is the only way we can make sure that our users will use our application. But how about trusting our users equally and expecting them not to do anything wrong? Specifically, trusting them with the input they will provide us through the use of input mechanisms our application exposes to the user for taking input from them.

The following snippet of code shows a simple example of not filtering the input provided by the user:

username = request.args.get('username')
email...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime