WEEK 6

Security & Vulnerabilities

Scan code for security vulnerabilities using Semgrep and learn to fix common security issues.

Vulnerabilities Fixed

SQL Injection ✓ FIXED

User input was directly concatenated into SQL queries, allowing attackers to manipulate database queries.

from sqlalchemy import text

# ❌ Vulnerable: q is spliced into the SQL string, so it is parsed as SQL
sql = text(f"SELECT * FROM notes WHERE title LIKE '%{q}%'")

# ✅ Fixed: q is passed as a bound parameter and treated as data
sql = text("SELECT * FROM notes WHERE title LIKE :search")
rows = db.execute(sql, {"search": f"%{q}%"})

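As an added worked example (not part of the course materials), here is the notes search above run against an in-memory SQLite database using the standard-library sqlite3 module instead of SQLAlchemy's text(); the table, sample rows and function names are constructed for this example. It shows two things the snippet alone does not: a quote in the input breaks the string-built query because the input is parsed as SQL, and even a bound parameter needs its LIKE wildcards escaped so that searching for "%" does not match every note.

```python
import sqlite3

# Constructed sample data; the "100% done" title contains a literal LIKE wildcard.
NOTES = [
    ("shopping list", "milk"),
    ("secret plan", "classified"),
    ("100% done", "all tasks finished"),
]


def connect():
    # Fresh in-memory database per call so each search runs against the same rows.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, title TEXT, content TEXT)")
    db.executemany("INSERT INTO notes (title, content) VALUES (?, ?)", NOTES)
    return db


def search_vulnerable(q):
    # String formatting: q becomes part of the SQL text, so quotes and keywords in q are parsed as SQL.
    sql = f"SELECT title FROM notes WHERE title LIKE '%{q}%' ORDER BY id"
    return [row[0] for row in connect().execute(sql)]


def escape_like(term, esc="\\"):
    # Escape the escape character itself first, then the LIKE metacharacters % and _.
    return term.replace(esc, esc + esc).replace("%", esc + "%").replace("_", esc + "_")


def search_fixed(q, escape_wildcards=True):
    # q travels as a bound parameter: the driver sends it as data, never as SQL syntax.
    # Parameterization alone does not neutralise LIKE wildcards, so they are escaped too.
    pattern = escape_like(q) if escape_wildcards else q
    sql = "SELECT title FROM notes WHERE title LIKE :search ESCAPE '\\' ORDER BY id"
    return [row[0] for row in connect().execute(sql, {"search": f"%{pattern}%"})]


def vulnerable_errors_on(q):
    # True when the string-built query no longer parses, i.e. the input was read as SQL.
    try:
        search_vulnerable(q)
    except sqlite3.Error:
        return True
    return False
```

The unescaped variant (escape_wildcards=False) is included only to show why the fixed query escapes wildcards: with it, a search term of "%" returns every note.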
Weak Cryptography ✓ FIXED

The MD5 hashing algorithm is cryptographically broken and should not be used.

import hashlib

# ❌ Vulnerable: MD5 is broken
hashlib.md5(q.encode()).hexdigest()

# ✅ Fixed: SHA-256
hashlib.sha256(q.encode()).hexdigest()

Cross-Site Scripting (XSS) ✓ FIXED

Using innerHTML with user input allows malicious scripts to execute in users' browsers.

// ❌ Vulnerable: title and content are parsed as HTML
li.innerHTML = `${n.title}: ${n.content}`;

// ✅ Fixed: build the DOM nodes and set text only, so markup in the data is rendered literally
const titleSpan = document.createElement('strong');
titleSpan.textContent = n.title;
li.appendChild(titleSpan);
li.appendChild(document.createTextNode(`: ${n.content}`));

OWASP Top 10 Coverage

A01 Broken Access Control: path traversal vulnerabilities identified

A03 Injection: SQL injection and command injection fixed

A02 Cryptographic Failures: weak MD5 hashing replaced with SHA-256

A08 Software & Data Integrity: XSS vulnerabilities patched

Key Learnings

  • Parameterized Queries: Always use parameterized queries to prevent SQL injection
  • Input Validation: Never trust user input; always validate and sanitize it
  • Secure DOM APIs: Use textContent instead of innerHTML for user content
  • Strong Cryptography: Use modern algorithms like SHA-256, bcrypt, or argon2
  • Defense in Depth: Apply multiple layers of security controls