In this liveProject, you’ll write secure Java code for handling potentially untrusted data in web applications. You’ll build systems that protect against untrusted data submitted through web app forms; safely handle cookies, headers, and redirects; and set up secure authentication mechanisms. Finally, you’ll manage your third-party libraries and identify potential vulnerabilities using Software Composition Analysis (SCA). Insecure third-party libraries can add vulnerabilities to your otherwise secure application and have been used in several recent real-world compromises.
This project is designed for learning purposes and is not a complete, production-ready application or solution.
prerequisites
This liveProject is designed to be accessible to Java programmers of all skill levels. To begin this liveProject, you will need to be familiar with:
TOOLS
- Experience with either Eclipse IDE or IntelliJ IDEA
TECHNIQUES
- RegEx for search and replace
- Working with Java servlets
you will learn
In this liveProject, you’ll learn secure coding techniques that you can apply to future code you write or review.
- Securely handle untrusted form data
- Evaluate uploaded files
- Safely handle cookies, headers, and redirects
- Avoid Cross-Site Request Forgery (CSRF) attacks
- Protect authentication mechanisms
- Create secure JSON Web Tokens (JWT)