User Input Validation for Java Applications

Every security professional will tell you to never trust the client. This course will teach you what this means when validating untrusted input.

by Josh Cummings

Get started

What you'll learn

Postel’s law, insecure defaults, and even our human desire to be helpful and accommodating are all places where hackers can use unvalidated input to attack your system. In this course, User Input Validation for Java Applications, you’ll learn to validate untrusted user input. First, you’ll explore unbounded input. Next, you’ll discover the difference between allowlisting, blocklisting, and sanitation. Finally, you’ll learn how to safely deserialize data against a schema. When you’re finished with this course, you’ll have the skills and knowledge of secure coding needed to protect your system against malicious input.

About the author

Josh Cummings

Like many software craftsmen, Josh eats, sleeps, and dreams in code. He codes for fun, and his kids code for fun! Right now, Josh works as a full-time committer on Spring Security and loves every minute.

More Courses by Josh

User Input Validation for Java Applications

What you'll learn

Table of contents

Checking for and Protecting against Overflow 9m 20s

Enforcing Invariants for Numbers, Dates, and Strings 10m 39s

Deserializing Safely Using Server-side Schema Definitions 7m 55s

About the author