Difference between revisions of "Codereview-Input Validation"

From OWASP
Jump to: navigation, search
Line 7: Line 7:
 
===Business Validation===
 
===Business Validation===
 
===Canonicalization===
 
===Canonicalization===
 +
Canonicalization is the process by which various equivalent forms of a name can be resolved to a single standard name, or the "canonical" name.

Revision as of 05:46, 4 July 2008

OWASP Code Review Guide Table of Contents

Introduction

Inout validation is one of the most effective application security technical controls. It can mitigate numerous vulnerabilities (but not all). Input validation is more than checking form field values. The chapter of transactional analysis talks about this.

Data Validation

Business Validation

Canonicalization

Canonicalization is the process by which various equivalent forms of a name can be resolved to a single standard name, or the "canonical" name.