Defensive Code Design
Learning Objectives
To be able to:
- Explain what it means to code a robust program
- Give different methods for coding a robust program
- Code your own program allowing for a variety of different user inputs.
What does defensive design mean?
Defensive design means to ensure that a program runs correctly and continues to run no matter what actions a user takes. You can do this by planning for all possibilities and thinking about what a user may do that the program does not expect.
This is done via 3 methods:
- Protection against unexpected user inputs or actions
- Maintainability
- Minimising/removing bugs
The anticipation and protection of code
- Validation
- Sanitisation
- Authentication
- Maintenance
- Testing
Validation
Using validation helps a programmer to ensure that any data input into the program is both sensible and possible.
To validate data means to apply rules to it; if the data does not meet the criteria given, it is rejected.
These rules can include:
- Range check
- Length check
- Presence check
- Format check
- Type check
Range check
number = 7
# Accept only whole numbers from 0 to 9 (range(0, 10) stops before 10)
if number in range(0, 10):
    print("True")
Length check
number = 719
# len() needs text, so convert the number to a string before counting characters
if len(str(number)) <= 5:
    print("True")
Presence check
number = "53"
# Input arrives as text; an empty string means nothing was entered
if number != "":
    print("True")
Format check
# int() raises a ValueError if the text entered is not a whole number
number = int(input())
Type check
number = 97
# True only when the value is stored as an integer
if type(number) is int:
    print("True")
Sanitisation
Data sanitisation is used to hide or protect data to ensure that it can't be seen or disclosed.
The first method is masking: replacing visible data with something else. For example, when a user enters a password it is covered with asterisks.
The other method is to remove any inputs that may be potentially dangerous. For example, a hacker may try to use SQL injection to search through the linked database for information, so a programmer would remove SQL commands from an input.
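An added example, not part of the original deck, showing why an input containing SQL syntax is dangerous and one way to handle it. Instead of stripping SQL commands, it passes the input as a bound parameter using Python's sqlite3 module, alongside a validation check like those above. The table, function names and sample inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build a small in-memory database (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return db

def find_user_unsafe(db, username):
    # Weak: the input is joined into the SQL text, so quote characters
    # in the input can change what the query means.
    query = "SELECT email FROM users WHERE username = '" + username + "'"
    return [row[0] for row in db.execute(query)]

def find_user_safe(db, username):
    # Corrected: the ? placeholder sends the input as data only, so it is
    # compared with the username column and never run as SQL.
    query = "SELECT email FROM users WHERE username = ?"
    return [row[0] for row in db.execute(query, (username,))]

def is_valid_username(username):
    # Validation as described earlier: presence, length and format checks.
    return 0 < len(username) <= 20 and username.isalnum()

if __name__ == "__main__":
    db = make_db()
    odd_input = "x' OR '1'='1"  # constructed input containing SQL syntax
    print("unsafe query returns:", find_user_unsafe(db, odd_input))
    print("safe query returns:  ", find_user_safe(db, odd_input))
    print("passes validation:   ", is_valid_username(odd_input))
```

The unsafe query returns every email in the table for the constructed input, while the parameterised query returns nothing and the validation check rejects the input before it reaches the database.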
Authentication
Authentication is the process of having a user confirm that they are who they say they are, most commonly by inputting a username and password.
Authentication is broken down into 3 main factors:
- Something you are - a username or bank account number
- Something you know - a password, PIN, or secret answer to a question
- Something you have - a swipe card or biometrics.
Maintainability
Someone may choose to go back to a program they wrote a while ago, or ask someone else to modify their code to debug or improve it.
To do this, the programmer would need to know how the program works and the purpose of the code.
Making code maintainable can include adding comments, sensible variable names, or indentation.
Testing
When first written, a program is likely to contain many bugs, such as syntax or logic errors.
Testing is used to find these errors and debug them.
You can debug your program in 2 different ways: iterative testing or terminal testing.
Iterative testing means testing your code as you are programming it, checking for any syntax errors and fixing them as you go along.
Terminal testing, by contrast, means waiting until you have finished your program and then testing it as a whole to check that it functions as it should.
By CJackson