Flashcards covering essential security best practices in web development regarding input/output handling, session management, authentication, request handling, and common web security concepts.
Input Validation
The process of ensuring that user inputs are valid, correctly formatted, and safe before processing.
HTML Sanitization
The process of cleaning HTML content to prevent injection of malicious scripts.
Session Management
Methods employed to securely manage user sessions, including the use of secure cookies and session timeouts.
Multi-Factor Authentication (MFA)
A security mechanism that requires more than one form of verification to access an account.
CSRF (Cross-Site Request Forgery)
A type of attack that tricks a user into submitting unauthorized requests.
XSS (Cross-Site Scripting)
An attack that injects malicious scripts into trusted web applications.
Same-Origin Policy
A security measure that restricts how documents or scripts from one origin can interact with resources from another origin.
Content Security Policy (CSP)
A security feature that helps prevent XSS by controlling which resources can be loaded and executed.
HTTP Protocol
A protocol used to facilitate communication between a client and a server using request-response cycles.
HTTP and HTTPS Common Ports
HTTP operates on port 80 while HTTPS operates on port 443.