DEV Community

Discussion on: What are some fundamentals of security every developer should understand?

Collapse
 
adnanrahic profile image
Adnan Rahić
  1. Validate input data!
  2. Seriously, validate input data.
  3. Did I mention validating input data?
Collapse
 
andreasvirkus profile image
ajv

The biggest security mindset shift for me was understanding that input is not something a user enters in a form element. Input is literally everything that comes to your server (since everything can be tampered with), so treat it as such!
That async request you yourself wrote so you think you can trust it? Validate that payload same as you would a text field.