From the course: Writing Secure Code for Android by Infosec
Join today to access over 25,000 courses taught by industry experts.
Activity: Protecting JSON with an API key, part 2
From the course: Writing Secure Code for Android by Infosec
Activity: Protecting JSON with an API key, part 2
- [Instructor] Object Deserialization. Activity. Protecting JSON with an API Key Part 2. Earlier when we tried our weather app, we put in a city, we hit Submit, and we got the results. Now the results that we would show the user are just this, the city and the temperature. For our own information, we have included the entire JSON object right here, the entire response body. In our app, we're displaying the entire response body just unformatted. They're all kind of smashed together. It's hard to pick out the key value pairs. But if we look at a similar example from OpenWeather's documentation, this here is what it would look like if it was formatted nicely. The layout will be the same as our examples, just the values will be different. You can see that it is a whole bunch of key value pairs, but some of the values are whole objects. So this first key value pair, the name is coord, but the value is actually an entire JSON object with two key values inside, lon and lat for longitude and…
Contents
-
-
- (Locked) Understanding input risks14m 59s
- (Locked) Autocompletion, part 113m 34s
- (Locked) Autocompletion, part 29m 13s
- (Locked) Activity: Securing autocomplete4m 30s
- (Locked) Special characters, part 111m 4s
- (Locked) Special characters, part 26m 3s
- (Locked) Activity: Using special characters11m 25s
- (Locked) Null safety, part 112m 17s
- (Locked) Null safety, part 2: Safe call operator4m 41s
- (Locked) Null safety, part 3: Not-null operator3m 35s
- (Locked) Null safety, part 4: Elvis operator7m
- (Locked) Null safety, part 5: Safe cast and unsafe cast operators7m 57s
- (Locked) Null safety, part 6: Smart cast8m 55s
- (Locked) Activity: Implementing null safety, part 111m 35s
- (Locked) Activity: Implementing null safety, part 213m 18s
- (Locked) Activity: Implementing null safety, part 315m 15s
- (Locked) String interpolation11m 2s
- (Locked) Activity: Understanding string interpolation15m 8s
- (Locked) Format string attacks7m 42s
- (Locked) Regular expressions, part 114m 4s
- (Locked) Regular expressions, part 26m 26s
- (Locked) Activity: Working with regular expressions in Kotlin, part 114m 1s
- (Locked) Activity: Working with regular expressions in Kotlin, part 210m 3s
- (Locked) Activity: Validating input with regular expressions in Kotlin, part 314m 56s
- (Locked) Input sanitization7m 4s
- (Locked) Activity: Sanitizing input3m 51s
- (Locked) Activity: Clamping input to a range5m 16s
- (Locked) Kotlin filter and trim6m 35s
- (Locked) Activity: Filtering and trimming9m 49s
- (Locked) Cross-site attacks14m 13s
- (Locked) Activity: Exploring cross-site scripting10m 8s
- (Locked) Cross-app scripting4m 42s
- (Locked) Activity: Defending against cross-app scripting9m
- (Locked) Code tampering and injection, part 17m 7s
- (Locked) Code tampering and injection, part 210m 35s
- (Locked) Code tampering and injection, part 311m 37s
- (Locked) Activity: Filtering a malicious QR code, part 18m 57s
- (Locked) Activity: Filtering a malicious QR code, part 23m 59s
- (Locked) SQL injection14m 24s
- (Locked) SQL stored procedures4m 55s
- (Locked) Object deserialization, part 14m 48s
- (Locked) Object deserialization, part 24m 25s
- (Locked) Activity: Protecting JSON with an API key, part 116m 17s
- (Locked) Activity: Protecting JSON with an API key, part 24m 48s
- (Locked) Form validation, part 112m 12s
- (Locked) Form validation, part 29m 37s
- (Locked) Form validation, part 36m 29s
- (Locked) Activity: Validating form input, part 113m 29s
- (Locked) Activity: Validating form input, part 24m 36s
- (Locked) WebView vulnerabilities, part 111m 34s
- (Locked) WebView vulnerabilities, part 210m 13s
- (Locked) Activity: Securing Android WebView11m 53s
- (Locked)
-
-
-
-
-
-