LAB 204 – Defending Node.js Applications Against Canonicalization
Course Overview
When applications make security decisions based on untrusted input data that has not been canonicalized, malicious users can use these weaknesses to perform malicious actions, such as traversing file system directories, bypassing checks for restricted resources, and redirecting file system operations to unintended resources that may result in severe damages to your organization. Secure coding mitigations include resolving path traversal characters, removing extraneous duplicate characters, resolving embedded environment variables, and anchoring to a fixed location. This Defending Node.js Applications Against Canonicalization Issues Skill Lab uses an interactive simulation to train developers to identify and mitigate canonicalization vulnerabilities before they negatively impact your organization.
After completing this lab, the learner will understand how to fix canonicalization issues in Node.js applications by correctly converting filesystem paths constructed based on user input to canonical forms before validation. The learner will also receive hands-on experience testing for Path Traversal vulnerabilities, which is necessary to identify the vulnerable code and the solution.
Looking To Learn More?
Request more information on our courses and labs.
* required
Course Details
NICE Specialty Areas
Available Languages
- English