Security anti-patterns
It's time for us to understand what kind of practices usually land an application in the vulnerability zone. Many things can cause an application to suffer from security issues; as we move through this section, we will take a look at some of the mistakes that usually leave an application open to security breaches. So, let's go through them one by one.
Not filtering user input
As application developers, we want our users to trust our application; that is the only way we can make sure they will keep using it. But should we trust our users equally and expect them never to do anything wrong? Specifically, should we trust the input they provide through the input mechanisms our application exposes to them? We should not: every value that arrives from a client (query parameters, form fields, headers, cookies, uploaded files) must be treated as untrusted until it has been validated against what the application actually expects.
The following snippet of code shows a simple example of not filtering the input provided by the user:
username = request.args.get('username') email...
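The snippet above stores whatever the client sent. The following is an added example (not code from the book) that places that anti-pattern next to a hardened version of the same registration step. It is plain Python so that it runs without a web framework: the `args` dictionary stands in for Flask's `request.args`, and the allowlist rules (a 3-32 character `[a-z0-9_]` username, a deliberately strict email shape) are assumptions chosen for the example, not rules from the page.

```python
import re
import unicodedata

# Allowlist rules assumed for this example (not from the original page).
# Validating against what we expect is safer than trying to block
# known-bad characters, because the block list is never complete.
USERNAME_RE = re.compile(r"\A[a-z0-9_]{3,32}\Z")
# Deliberately strict; this is a sanity check, not full RFC 5322 parsing.
EMAIL_RE = re.compile(r"\A[^@\s]{1,64}@[a-z0-9-]+(\.[a-z0-9-]+)+\Z")


class ValidationError(ValueError):
    """Raised when a client-supplied value fails the allowlist check."""


def unsafe_register(args):
    """Anti-pattern: pass the raw request values straight through.

    `args` mimics request.args (a dict of query parameters). Nothing here
    stops a username such as "<script>..." or "' OR 1=1 --" from being
    stored and later rendered or interpolated into a query.
    """
    return {"username": args.get("username"), "email": args.get("email")}


def validate_username(raw):
    """Normalise, then accept only what matches the allowlist."""
    if not isinstance(raw, str):
        raise ValidationError("username is required")
    # NFKC folds look-alike forms (for example fullwidth letters) into their
    # ASCII equivalents before the check, so they cannot slip past the regex
    # and later collapse into a different, existing account name.
    value = unicodedata.normalize("NFKC", raw).strip().lower()
    if not USERNAME_RE.fullmatch(value):
        raise ValidationError("username must be 3-32 chars of a-z, 0-9, _")
    return value


def validate_email(raw):
    """Check length and shape; lowercase only the domain part."""
    if not isinstance(raw, str):
        raise ValidationError("email is required")
    value = unicodedata.normalize("NFKC", raw).strip()
    local, at, domain = value.rpartition("@")
    if not at:
        raise ValidationError("email must contain @")
    # The domain is case-insensitive; the local part technically is not,
    # so it is left as the user typed it.
    value = f"{local}@{domain.lower()}"
    if len(value) > 254 or not EMAIL_RE.fullmatch(value):
        raise ValidationError("email has an unexpected shape")
    return value


def safe_register(args):
    """Hardened form: every field is validated before it is used."""
    return {
        "username": validate_username(args.get("username")),
        "email": validate_email(args.get("email")),
    }


def rejects(validator, raw):
    """True if the validator refuses `raw` (used to show what gets filtered)."""
    try:
        validator(raw)
    except ValidationError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample request, as a dict standing in for request.args.
    hostile = {"username": "' OR 1=1 --", "email": "<script>@x"}
    print("unsafe:", unsafe_register(hostile))   # stored verbatim
    print("safe:", safe_register({"username": "  Alice_01 ",
                                  "email": "Alice@Example.org"}))
```

The hardened path rejects the hostile request outright instead of trying to "clean" it; an allowlist that describes the expected shape is easier to reason about than a block list of dangerous characters, and normalising before the check prevents Unicode look-alikes from bypassing it.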