{"id":396,"date":"2023-07-20T20:26:03","date_gmt":"2023-07-20T20:26:03","guid":{"rendered":"https:\/\/www.securesteps.tn\/?p=396"},"modified":"2024-02-26T15:48:58","modified_gmt":"2024-02-26T15:48:58","slug":"secure-code-review","status":"publish","type":"post","link":"https:\/\/www.securesteps.tn\/ar\/secure-code-review\/","title":{"rendered":"Secure Code Review : Key aspects you need to know"},"content":{"rendered":"<p class=\"wp-block-paragraph\">Secure code review is a critical process in software development to identify and mitigate potential security vulnerabilities in the code. 
Here, I'll provide you with a step-by-step guide on how to perform a secure code review, along with some examples of common security issues and their corresponding fixes.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Step-by-step guide for secure code review:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Understand the requirements<\/strong>: Familiarize yourself with the project's requirements, specifications, and security guidelines.<\/li>\n\n\n\n<li><strong>Choose the right tools<\/strong>: Use code review tools that can help identify security vulnerabilities automatically. Some popular tools include SAST (Static Application Security Testing) and code analysis tools such as SonarQube, Fortify, and Checkmarx.<\/li>\n\n\n\n<li><strong>Check authentication and authorization<\/strong>: Review how user authentication and authorization are implemented. 
Make sure sensitive operations and resources are properly protected.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">Example - Insecure authentication:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background\"><code>\/\/ Insecure code - Storing passwords in plain text\npublic boolean authenticateUser(String username, String password) {\n    String storedPassword = database.getPasswordByUsername(username);\n    return password.equals(storedPassword);\n}<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Fix - Using salted hashing for passwords:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code>\/\/ Secure code - Using salted hashing for password storage\npublic boolean authenticateUser(String username, String password) {\n    String storedPasswordHash = database.getPasswordHashByUsername(username);\n    String salt = database.getSaltByUsername(username);\n    String hashedPassword = hashFunction(password + salt);\n    return hashedPassword.equals(storedPasswordHash);\n}<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"4\">\n<li><strong>Verify input validation<\/strong>: Look for 
input validation issues that could lead to code injection or data manipulation attacks.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">Example - SQL injection vulnerability:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code># Insecure code - SQL injection vulnerability\ndef get_user_by_id(user_id):\n    query = &quot;SELECT * FROM users WHERE id = &#039;&quot; + user_id + &quot;&#039;;&quot;\n    result = execute_sql_query(query)\n    return result<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Fix - Using parameterized queries:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code># Secure code - Using parameterized queries\ndef get_user_by_id(user_id):\n    query = &quot;SELECT * FROM users WHERE id = %s;&quot;\n    result = execute_sql_query(query, (user_id,))\n    return result<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"5\">\n<li><strong>Handle error conditions<\/strong>: Make sure error messages do not expose sensitive information and are handled securely.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">Example - Information leakage:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code>\/\/ Insecure code - Revealing sensitive error information\nif (!isAuthorized(user)) {\n    throw new SecurityException(&quot;Unauthorized access for user: &quot; + user.getName());\n}<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Fix - Using generic error messages:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code>\/\/ Secure code - Using generic error messages\nif (!isAuthorized(user)) {\n    throw new SecurityException(&quot;Unauthorized access&quot;);\n}<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"6\">\n<li><strong>Review data storage and encryption<\/strong>: Check how sensitive data is stored and make sure appropriate encryption methods are used.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">Example - Weak data encryption:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code># Insecure code - Using a weak encryption algorithm from cryptography.<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Fix - Using a strong encryption algorithm:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code># Secure code - Using a strong encryption algorithm (AES)\nimport os\nfrom cryptography.hazmat.backends import default_backend\nfrom cryptography.hazmat.primitives import hashes\nfrom cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes\nfrom cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC\n\ndef derive_key(password, salt):\n    # Derive a 32-byte AES-256 key from the password (bytes) with PBKDF2\n    kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=100000, backend=default_backend())\n    return kdf.derive(password)\n\ndef encrypt_data(data, password):\n    # Fresh random salt and IV for every message, stored in front of the ciphertext\n    salt = os.urandom(16)\n    iv = os.urandom(16)\n    cipher = Cipher(algorithms.AES(derive_key(password, salt)), modes.CFB(iv), backend=default_backend())\n    encryptor = cipher.encryptor()\n    return salt + iv + encryptor.update(data) + encryptor.finalize()\n\ndef decrypt_data(encrypted_data, password):\n    # Split the stored salt and IV from the ciphertext\n    salt, iv, ciphertext = encrypted_data[:16], encrypted_data[16:32], encrypted_data[32:]\n    cipher = Cipher(algorithms.AES(derive_key(password, salt)), modes.CFB(iv), backend=default_backend())\n    decryptor = cipher.decryptor()\n    return decryptor.update(ciphertext) + decryptor.finalize()<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"7\">\n<li><strong>Check for code injection vulnerabilities<\/strong>: Look for potential vulnerabilities such as remote code execution (RCE) and command injection.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">Example - Command injection vulnerability:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code># Insecure code - Command injection vulnerability\nimport os\n\ndef run_shell_command(command):\n    os.system(command)<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Fix - Using proper command execution methods:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code># Secure code - Avoiding command injection vulnerability\nimport shlex\nimport subprocess\n\ndef run_shell_command(command):\n    # Split the command into an argument list and run it without a shell,\n    # so shell metacharacters in the input are not interpreted\n    subprocess.run(shlex.split(command), shell=False)<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"8\">\n<li><strong>Review third-party libraries<\/strong>: Check the security of third-party libraries used in the project. 
Make sure they are up to date and have no known vulnerabilities.<\/li>\n\n\n\n<li><strong>Analyze session management<\/strong>: Check how sessions are managed and that session tokens are generated securely.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">Example - Insecure session token generation:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code>\/\/ Insecure code - Insecure session token generation\npublic String generateSessionToken() {\n    return UUID.randomUUID().toString();\n}<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Fix - Using a secure random number generator:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code>\/\/ Secure code - Using secure session token generation\npublic String createSessionToken() {\n    SecureRandom random = new SecureRandom();\n    byte[] tokenBytes = new byte[32];\n    random.nextBytes(tokenBytes);\n    return Base64.getUrlEncoder().withoutPadding().encodeToString(tokenBytes);\n}<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"10\">\n<li><strong>Review error handling<\/strong>: Make sure error handling is implemented securely and does not expose sensitive information.<\/li>\n\n\n\n<li><strong>Check for cross-site scripting (XSS) vulnerabilities<\/strong>: Review how user input is 
displayed in the application and make sure it is properly escaped or sanitized.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">Example - Cross-site scripting vulnerability:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code>&lt;!-- Insecure code - XSS vulnerability --&gt;\n&lt;div&gt;Welcome, &lt;%= user.getName() %&gt;&lt;\/div&gt;<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Fix - Using proper escaping:<\/p>\n\n\n\n<pre class=\"wp-block-code has-navbar-text-color-hover-color has-navbar-background-background-color has-text-color has-background has-small-font-size\"><code>&lt;!-- Secure code - Escaping user input to prevent XSS --&gt;\n&lt;div&gt;Welcome, &lt;%= encodeHtml(user.getName()) %&gt;&lt;\/div&gt;<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"12\">\n<li><strong>Test boundary conditions<\/strong>: Verify that the code handles boundary conditions properly, such as maximum input lengths 
and array bounds.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">These examples and guidelines should give you a starting point for conducting secure code reviews. It is essential to keep up with the latest security practices and to have a thorough understanding of the programming languages and frameworks used. Regular code reviews and continuous security testing should be an integral part of the software development lifecycle to maintain a secure codebase.<\/p>","protected":false},"excerpt":{"rendered":"<p>Secure code review is a critical process in software development to identify and mitigate potential security vulnerabilities in the code. 
Here, I&#8217;ll provide you with a step-by-step guide on how to perform a secure code review, along with some examples of common security issues and their corresponding fixes. Step-by-step guide [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[1],"tags":[28,24,25],"class_list":["post-396","post","type-post","status-publish","format-standard","hentry","category-webapplicationsecurity","tag-mobile-applications","tag-security","tag-web-applications"],"aioseo_notices":[],"aioseo_head_json":{"title":"Secure Code Review : Key aspects you need to know - Secure Steps","description":"Secure code review is a critical process in software 
development to identify and mitigate potential security vulnerabilities in the code. Here, I'll provide you with a step-by-step guide on how to perform a secure code review, along with some examples of common security issues and their corresponding fixes. Step-by-step guide for secure code review: Understand","canonical_url":"https:\/\/www.securesteps.tn\/ar\/secure-code-review\/"}}