From the course: JavaScript: Security Essentials
What is server-side injection? - JavaScript Tutorial
- [Instructor] Server-side injections are malicious code injected into a vulnerable server, and can be done through forms on the client side where the form or functions make a request to the server to make the server run in loops or, in the case of SQL or NoSQL injections, can be used to get user data. If you ever use eval, setTimeout, or setInterval or functions in your code, it can be exploited for a DDoS attack, or a denial of service attack, where the hacker simply has to input a simple line to render your server useless, or send any kind of malicious code into your server. Equally important and dangerous is the use of SQL or NoSQL commands to inject code into the query that can run these commands into the database, such as being able to pull data from the database or any other command available. And what's worse, injecting code into servers is easy, and therefore, should be at the forefront of your concerns when working on securing your servers and databases. So, let's explore what code related to server-side injection could look like and how you can prevent this.
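The two patterns named in the transcript, shown next to a hardened form. This is an added example, not code from the course or its exercise files; the function names, field names and sample inputs are hypothetical and constructed for illustration, and the query filter assumes a MongoDB-style driver.

```javascript
// Added example: constructed inputs, hypothetical function names.

// Vulnerable pattern: eval() runs whatever expression the client sent,
// so the value is executed as code on the server instead of read as data.
function parseQuantityUnsafe(raw) {
  return eval(raw);
}

// Hardened form: treat the value as data. Accept only a short decimal
// integer and never pass request input to eval/setTimeout/setInterval.
function parseQuantity(raw) {
  if (typeof raw !== "string" || !/^\d{1,6}$/.test(raw)) {
    throw new TypeError("quantity must be a decimal integer");
  }
  return Number(raw);
}

// NoSQL side: a JSON body can carry an object where a string is expected,
// and a MongoDB-style driver (assumption) reads "$"-prefixed keys as query
// operators. Require plain strings, and query by username only; the
// password is checked against the stored hash later, never in the query.
function buildUserFilter(body) {
  for (const field of ["username", "password"]) {
    const value = body == null ? undefined : body[field];
    if (typeof value !== "string" || value.length === 0 || value.length > 128) {
      throw new TypeError(`${field} must be a non-empty string`);
    }
  }
  return { username: body.username };
}

// Returns true when fn throws, so the checks below stay compact.
function rejects(fn) {
  try { fn(); return false; } catch (err) { return true; }
}

// Constructed sample inputs.
const codeAsValue = "2 * 21"; // an expression, not a number
const operatorBody = { username: "alice", password: { $ne: "" } };

console.log("eval executed the input:", parseQuantityUnsafe(codeAsValue));
console.log("validator rejected it:", rejects(() => parseQuantity(codeAsValue)));
console.log("plain number accepted:", parseQuantity("42"));
console.log("operator object rejected:", rejects(() => buildUserFilter(operatorBody)));
```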