Documentation

Wiki Spaces

Documentation
Projects
Resources

Get Help from Others

Q&A: Ask OpenMRS
Discussion: OpenMRS Talk
Real-Time: IRC Chat | Slack

Documentation

Page tree

Versions Compared

Old Version 11

changes.mady.by.user Sherif Koussa

Saved on

compared with

New Version Current

changes.mady.by.user Sherif Koussa

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following checklist identifies basic security issues that should be checked at every patch check-in. This checklist represents first-line security control against vulnerable code making it to production. This is considered a starting point and the community is encouraged to get involved to improve this list.

Scenarios where this checklist could be used:

a. Review another developer's patch against secure coding best practices.

...

c. Retroactively review a code module against secure coding best practices.

Secure Coding Checklist:

1- Contextual encoding is applied:

Ensure that all dynamic data is properly encoded to prevent cross-site scripting attacks.

...

    • Ensure that encoding is properly done using the correct context.
    • Ensure that data is properly quoted using double quotes.

2- Sanitize user data:

Ensures that user-supplied data is properly sanitized to prevent cross-site scripting and injection attacks.

...

    • Ensure that data retrieved from the QueryString, Header, Post Parameters, and Cookies is properly sanitized using a whitelist.

3- Use parameterized SQL statements:

Ensures that SQL statements are securely constructed to prevent SQL injection attacks.

...

    • Ensure that all SQL statements in the patch are parameterized, both for user-supplied data and for data loaded from other sources (e.g. database, files, etc)

4- File Upload/Download:

Ensures that proper procedures have been followed to prevent path manipulation attacks and unauthorized attempts to access the file system.

...

    • Restrict accepted file types to avoid dangerous extensions like .bat or .exe
    • It is preferable to use system generated filenames if files are to be saved locally. 
    • If this is not possible, then make sure to validate the file name using a whitelist, make sure to retrieve the file name only, useful routines to use is File.getName()
    • Validate the file size to avoid denial of service attacks.
    • Upon file download operations; ensure that the path can't be controlled by the user.

5- Forms should be protected with a token:

Ensures that proper procedures have been followed to prevent cross-site request forgery (CSRF) attacks.

...

    • Actionable requests must be protected using an anti-CSRF token. Actionable requests are requests which will result in data update, delete, insert, etc.

6- Check authentication status if appropriate:

Ensures that proper checks have been made to prevent insufficient authentication attacks.

...

    • For all the files in the patch. Ensure that authentication status is checked.

7- Check authorization status if appropriate:

Ensures that proper checks have been made to prevent unauthorized data access.

...

    • For all the files in the patch. Ensure that code exists to check the role of the current user if appropriate.

8- The patch does not perform a redirect based on user-controllable data:

Ensures that proper checks have been made to prevent open-redirects and HTTP splitting attacks.

...

    • Ensure that the code does not perform redirect or forward operation using data retrieved from the request..

9- The patch does not disable any security configuration accidentally:

Ensures that proper controls are in place to prevent against insecure configuration issues.

...