Secure Coding Practices (Essay Sample)

Secure Coding Practices
Student’s Name
University
Course
Professor
Date
Secure Coding Practices
There are many well-known software threats; among the most common and dangerous ones is Script injection. This type of vulnerability often happens when a programmer fails to limit the running of external scripts or commands inside their software. An attacker tries to find loopholes in the system where they can patch their code which may give them access to some parts or the whole software system (Robert Seacord,2018). This may happen due to reasons such as poor coding structure, lack of privilege limitation, lack of proper validation and sanitization of user-supplied data, and lack of proper testing. These are basic secure coding practices to solve such threats
Data sanitization and validation
Data Validation is the process of checking if data got from the user is of quality, meets the format, and is of the correct data type. By doing data validation, the programmer will limit what gets to be saved in the system. An example of data validation in python is:
The code checks if the supplied data is an integer
regCode = input('Enter your registration code : ') # prompts to enter value.
if regCode.isdigit(): # returns true if all digits otherwise false.
#do some code
else:
print(“the code you entered is not numeric”)
Data sanitization on the other hand refers to the process of rendering any data received from a user harmless. Some inputs from the user may contain data that can be run on the software to provide a way to run a script. Below is an example in python:
The code sanitizes html tags
import html
input = '