The bad news is that input validation is difficult. White listing, or identifying all possible strings accepted as input, is nearly impossible for all but the simplest of applications. Black listing, ...
In Part 1 of this series, I showed you an example of PowerShell's native validation capabilities. In that installment, I wrote a function that accepted a text string as input. The function then used ...
Microsoft .NET lets you build complex applications quickly and easily, but its selection of controls does have notable gaps. Fortunately, you can address part of this deficiency yourself by building ...
Some of the most embarrassing database breaches of the past few years boil down to one big root cause: poor input validation and sanitization imposed by developers who create Web applications that tap ...
Most web frameworks I've seen handle form validation using exceptions; if the form fields or the whole form don't meet the requirements, an exception is thrown and dealt with (redirect back to the ...
Standard security practices are the baseline for any product, and even the most junior software ...
Ruby on Rails fixed six vulnerabilities in versions 3.x, 4.1.x, 4.2.x, and Rails 5.0 beta and three in rails-html-sanitizer. The Ruby on Rails team released versions 4.2.5.1, 4.1.14.1, and 3.2.22.1 of ...