Secure Coding Guideline

最新推荐文章于 2020-09-27 04:28:47 发布
最新推荐文章于 2020-09-27 04:28:47 发布
阅读量739 收藏 1
点赞数
分类专栏: Code security&quality

http://wiki.developerforce.com/page/Secure_Coding_Guideline

Secure Coding Guidelines

The following documentation walks you through the most common security issues salesforce.com has identified while auditing applications built on or integrated with Force.com. This documentation takes into account that many of our developers write integration pieces with the Force.com platform and includes examples from other web platforms such as Java, ASP.NET, PHP and Ruby on Rails. The Force.com platform provides full or partial protection against many of these issues. It is noted when this is the case.

Consider this to be an easy to read reference and not a thorough documentation of all web application security flaws. More details on a broader spectrum of web application security problems can be found on the OWASP (Open Web Application Security Project) site.

After you feel comfortable with the topics here, please utilize the tools we are making available which will help in identifying many of these types of issues.


1. Cross-Site Scripting
2. S(O)QL Injection
3. Cross Site Request Forgery
4. Secure Communications and Cookies
5. Storing Secrets
6. Arbitrary Redirects
7. Access Control
8. Enforcing CRUD and FLS (Force.com)
9. SSO for Composite Apps

 

caolaosanahnu
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
android secure coding
01-28
为了帮助开发者构建更加安全可靠的Android应用,《Android Application Secure Design/Secure Coding Guidebook》应运而生,成为Android开发者的必读之作。 #### 二、指南结构与内容概览 该指南由日本智能手机安全...
Secure Coding in C and C++
02-10
Secure Coding in C and C++ (SEI Series in Software Engineering) 2nd (second) Edition by Seacord, Robert C. published by Addison Wesley (2013)
Coding Guideline
weixin_30784501的博客
04-21 515
Coding Guidelines Skip to end of metadata Created byJose Reyes, last modified byJerry HaagsmaonMar 29, 2017 Go to start of metadata The rules below were approve...
java security code guider line
haizhiguang的专栏
03-23 2201
source: http://www.oracle.com/technetwork/java/seccodeguide-139067.html Secure Coding Guidelines for Java SE  Updated for Java SE 8  Document version: 5.0 Published: 02 April 2014 L
PMD规则之Security Code Guidelines
jack0511的专栏
10-27 3134
PMD规则之Security Code Guidelines
IOS安全编码指南 Secure Coding Guide -- 01 Introduction
静静燃烧的雪的专栏
06-05 998
IOS安全编码指南 Secure Coding Guide -- 01 Introduction 上 Introduction to Secure Coding Guide     Secure coding is the practice of writing programs that are resistant to attack by maliciou
牢记昨天的教训_请牢记5条安全的编码准则
weixin_26636643的博客
09-27 689
牢记昨天的教训Often as developers when we think about secure coding we’re thinking of security with a very limited mindset. We’re taught to be sure to sanitize input avoid storing passwords in the clear, etc...
Secure Coding Principles and Practices
05-14
Secure Coding: Principles & Practices looks at the problem of bad code in a new way. Packed with advice based on the authors' decades of experience in the computer security field, this concise and ...
Secure Network Coding for a P2P System
12-08
Network coding is a data transmission technique which allows intermediate nodes in a network to re-code data in transit. In contrast to traditional network communication where a node repeats incoming ...
security 相关标准secure coding
cnbird's blog
12-20 999
http://www.cert.org/secure-coding/scstandards.html http://cwe.mitre.org/top25/index.html
Top 10 Secure Coding Practices
我编程,我快乐
02-09 1401
Top 10 Secure Coding Practices  Validate input. Validate input from all untrusted data sources. Proper input validation can eliminate the vast majority of software vulnerabilities. Be suspicious
CERT Secure Coding Standard — C语言安全编程规范
热门推荐
young45的专栏
12-02 1万+
原文:http://www.huangwei.me/blog/2011/02/03/cert-secure-coding-standard-1/ 译序 看完cert的C安全编程规范已经有2个多月了,我在阅读的过程中顺手把官方文档的主要目录翻译了一 下,其中包含了171条“建议”和106条“规则”,个人认为把这些作为一个C语言安全编程规范的cheatsheet是相当不错的。
alibaba java idea 插件——alibaba java coding guidelines(一)安装与修改block级别的代码~
新一的技术笔记
07-22 1万+
目录 序: 1 . 安装 2. 扫描方式 3. blocker 3.1 正则表达式,要利用好预编译功能,加快正则表达式的匹配速度 3.2 所有的Override 必须加上注解! 3.2.1 方法签名是什么? 3.3 线程池不允许使用Executors去创建,而是通过ThreadPoolExecutor的方式。 3.4 获取当前毫秒数 3.5 避免使用Apache Be...
CERT C/C++ Secure Coding Standard
yasi_xi的专栏
10-28 3767
CERT C Secure Coding Standard CERT C++ Secure Coding Standard
IDEA/Eclipse安装 Alibaba Java Coding Guidelines 插件
努力的凹凸曼的博客
08-16 7773
  为了让开发者更加方便、并且达到快速规范代码格式的目的并实行起来,阿里巴巴基于《阿里巴巴Java开发规约》手册内容,研发了一套自动化的IDE检测插件(IDEA、Eclipse)。它就是Alibaba Java Coding Guidelines 插件。 该插件在扫描代码后,将不符合规约的代码按Blocker/Critical/Major三个等级显示在下方,甚至在IDEA上,我们还基于Inspe...
收到苹果 违反政策通知 莫要惊慌
酒鬼
03-08 5198
收到苹果 违反政策通知 莫要惊慌
mpu6050陀螺仪使用方法开发教程文档.docx
最新发布
07-30
mpu6050陀螺仪使用方法
secure coding in c and c++
01-08
C和C++的安全编码是指在编写C和C++代码时,采取一系列的措施来确保代码的安全性和防止常见的安全漏洞。由于C和C++是底层的编程语言,它们允许对内存直接进行操作,这也使得它们容易受到各种安全威胁的攻击。...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值