CERT Secure Coding

Home

SEI CERT Oracle Coding Standard for Java

Input Validation and Data Sanitization (IDS)

IDS50-J. Use conservative file naming conventions
IDS51-J. Properly encode or escape output
IDS52-J. Prevent code injection
IDS53-J. Prevent XPath Injection
IDS54-J. Prevent LDAP injection
IDS55-J. Understand how escape characters are interpreted when strings are loaded
IDS56-J. Prevent arbitrary file upload

FIO53-J. Use the serialization methods writeUnshared() and readUnshared() with care IDS50-J. Use conservative file naming conventions

www.cmu.edu

© 2026 Carnegie Mellon University

Legal
Privacy Policy