

How to Write Secure Java Code: Avoiding Common Vulnerabilities

Jul 28, 2025, 12:35 AM
secure programming, Java security

1. Validate and sanitize all input, using allow-list validation and OWASP Java Encoder to prevent XSS; 2. prevent injection attacks, using parameterized queries to avoid SQL injection and never executing user input as a system command; 3. handle authentication and session management correctly, using strong hashing algorithms such as bcrypt and storing session tokens securely; 4. protect sensitive data, encrypting data at rest with AES-256, never hard-coding keys in source, and clearing sensitive values from memory promptly; 5. avoid insecure deserialization, preferring safe data formats such as JSON; 6. keep dependencies secure, updating regularly and scanning third-party libraries for known vulnerabilities; 7. implement secure error handling and logging that exposes no internal details to users; 8. follow the principle of least privilege and configure the JVM and frameworks securely. In short, external input must be validated, sanitized and never executed blindly; that is how a defensive Java application is built.


Writing secure Java code isn’t about magic tricks—it’s about being aware of common pitfalls and coding with defense in mind. Even experienced developers can introduce vulnerabilities by overlooking input validation, misusing APIs, or assuming trust where there is none. Below are key practices to avoid the most common security flaws in Java applications.


1. Validate and Sanitize All Input

Untrusted input is the root of many security issues, including injection attacks and denial-of-service vulnerabilities.

  • Never trust user input, whether from web forms, APIs, files, or command-line arguments.
  • Use whitelist validation (allow known good patterns) instead of blacklist approaches.
  • For web apps, prevent Cross-Site Scripting (XSS) at output time: encode data for the context it is written into (HTML body, HTML attribute, JavaScript string, CSS, URL) with a library such as OWASP Java Encoder. Input validation narrows what gets stored, but it does not replace context-aware output encoding, because the same stored value may later be rendered in several different contexts.
  • Validate length, type, format, and range. For example:
    if (username == null || !username.matches("^[a-zA-Z0-9_]{3,20}$")) {
        throw new IllegalArgumentException("Invalid username");
    }

Tip: In Spring applications, put Bean Validation annotations (@NotBlank, @Pattern, @Size) on request objects so constraints are enforced before your handler code runs.
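The two halves of this section, allow-list validation of structured fields and context-aware encoding of free text, as one added example (not code from the original article). It assumes the org.owasp.encoder:encoder library is on the classpath; the field names and the 1..100 page-size range are illustrative choices.

```java
// Added example: allow-list validation plus OWASP Java Encoder output encoding.
// Assumes org.owasp.encoder:encoder on the classpath.
import java.util.regex.Pattern;
import org.owasp.encoder.Encode;

public final class InputHandling {

    // Allow-list: only letters, digits and underscore, 3 to 20 characters.
    private static final Pattern USERNAME = Pattern.compile("^[A-Za-z0-9_]{3,20}$");

    /** Returns the validated username or throws; it never returns a "cleaned" version. */
    public static String requireValidUsername(String raw) {
        if (raw == null || !USERNAME.matcher(raw).matches()) {
            throw new IllegalArgumentException("Invalid username");
        }
        return raw;
    }

    /** Validates an integer field for type and range (range 1..100 is an assumption). */
    public static int requirePageSize(String raw) {
        int n;
        try {
            n = Integer.parseInt(raw);   // rejects "10; DROP TABLE users", "1e9", ""
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException("Page size must be an integer");
        }
        if (n < 1 || n > 100) {
            throw new IllegalArgumentException("Page size out of range");
        }
        return n;
    }

    /** Free text (a display name) cannot be allow-listed tightly; it is stored
     *  as-is and encoded for the output context when rendered. */
    public static String greetingHtml(String displayName) {
        // HTML body context: < > & " ' are escaped, so a <script> tag stays inert text.
        return "<p>Hello, " + Encode.forHtml(displayName) + "</p>";
    }

    public static String greetingScript(String displayName) {
        // JavaScript string context needs different escaping than HTML does.
        return "var name = '" + Encode.forJavaScript(displayName) + "';";
    }

    public static void main(String[] args) {
        System.out.println(requireValidUsername("alice_01"));
        for (String bad : new String[] {"al", "alice;drop", "<b>x</b>", null}) {
            try {
                requireValidUsername(bad);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected " + bad + ": " + e.getMessage());
            }
        }
        System.out.println(requirePageSize("25"));
        // Constructed hostile input for the encoding half.
        String hostile = "<script>alert(document.cookie)</script>";
        System.out.println(greetingHtml(hostile));
        System.out.println(greetingScript("O'Neil\"); alert(1); //"));
    }
}
```

Note that the validator throws rather than stripping characters: silently "repairing" input hides attacks from your logs and can produce a value the caller did not send.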


2. Prevent Injection Attacks (SQL, OS, etc.)

SQL Injection remains a top risk when dynamic queries are built by string concatenation.

Do: use parameterized queries or prepared statements. The SQL text is fixed before any user value is involved, and the value travels to the database as a bound parameter, so it cannot change the statement's structure:

String query = "SELECT * FROM users WHERE email = ?";
try (PreparedStatement stmt = connection.prepareStatement(query)) {
    stmt.setString(1, userEmail);
    try (ResultSet rs = stmt.executeQuery()) {   // close the ResultSet as well
        // read rows from rs
    }
}

Don't: concatenate the value into the SQL text. An email of x' OR '1'='1 turns the WHERE clause into a tautology and returns every row:

// Dangerous!
String query = "SELECT * FROM users WHERE email = '" + userEmail + "'";

For OS command injection, never pass user input into Runtime.exec() or ProcessBuilder as part of a shell command line (no "sh -c" with a concatenated string). If you must run an external program, allow-list the program and its fixed options, validate the user-supplied argument against a strict pattern, and hand it to ProcessBuilder as its own argv element so no shell is there to interpret ';', '|', '$(...)' or backticks.

Prefer a Java API or library that does the job in-process (for example java.nio for file operations, or a JDBC driver rather than a command-line client) over shelling out at all; a process you never start cannot be injected into.


3. Handle Authentication and Session Management Properly

Weak auth mechanisms can expose your app to account takeover.

  • Use a deliberately slow, salted password hash such as bcrypt, PBKDF2 or Argon2. Never store plain text, and never use fast general-purpose hashes (MD5, SHA-1, or even unsalted SHA-256): they let an attacker with a leaked table test billions of guesses per second.

    // Example with jBCrypt (org.mindrot.jbcrypt.BCrypt); gensalt() draws a random salt
    // and uses the default work factor of 10 (2^10 rounds)
    String hashed = BCrypt.hashpw(password, BCrypt.gensalt());
  • Use secure session management:

    • Regenerate the session ID after login (Servlet 3.1+: request.changeSessionId()), so a pre-authentication session an attacker fixed in the victim's browser is not promoted to an authenticated one.
    • Set an idle timeout and an absolute lifetime for sessions.
    • Mark the session cookie Secure and HttpOnly and set SameSite; the token itself must be the container's unguessable random ID, never something derived from user data.
  • Integrate with proven frameworks like Spring Security instead of rolling your own auth logic.


4. Protect Sensitive Data

  • Encrypt sensitive data at rest (PII, tokens, secrets) with a strong cipher such as AES-256. Passwords are the exception: they are hashed as in section 3, never encrypted, because an encrypted password is recoverable by anyone who obtains the key.
  • Use javax.crypto properly: avoid ECB, which leaks plaintext patterns block by block, and use an authenticated mode such as AES/GCM/NoPadding with a fresh random nonce for every message so that any tampering is detected on decryption.
  • Never hardcode secrets (passwords, API keys) in source code. Load them from environment variables or a secret manager (e.g. HashiCorp Vault, AWS Secrets Manager with keys held in AWS KMS).
  • Clear sensitive data from memory when done. Hold it in a char[] rather than a String: a String is immutable and lingers in the heap until garbage collection, while an array can be overwritten:
    char[] password = getPassword();
    // use password
    Arrays.fill(password, '\0'); // clear it

5. Avoid Insecure Deserialization

Deserializing untrusted data can lead to remote code execution.

  • Avoid ObjectInputStream for untrusted sources: the sender chooses which classes are instantiated, and their readObject methods run before your code ever sees the result.
  • If you must deserialize:
    • Install an ObjectInputFilter (Java 9+, JEP 290) that allow-lists the expected classes and rejects everything else (a pattern ending in "!*"), with maxdepth, maxrefs and maxbytes limits. A serialVersionUID only detects class-version mismatches; it is not a security control.
    • Consider safer alternatives like JSON or XML with strict parsing (e.g., Jackson with default typing left disabled, JAXB with external entities disabled).
    • Libraries like SerialKiller provide the same class allow-list as an ObjectInputStream subclass, which is useful where the JDK filter is not available.

Better yet: Use data transfer formats like JSON with POJO mapping instead of native Java serialization.


6. Secure Dependencies and Keep Libraries Updated

Many Java apps use third-party libraries (e.g., Apache Commons, Jackson, Log4j). A vulnerable dependency can compromise your whole app.

  • Use tools like OWASP Dependency-Check or Snyk to scan for known vulnerabilities.
  • Regularly update dependencies.
  • Remove unused libraries to reduce attack surface.
  • Watch for critical flaws like Log4Shell (CVE-2021-44228)—they can lurk in transitive dependencies.

7. Apply Proper Error Handling and Logging

Revealing too much in error messages can aid attackers.

  • Don’t expose stack traces or internal details to users.
  • Log errors in full on the server, but never log sensitive data (passwords, tokens, full card numbers), and treat user-controlled strings in log messages as untrusted input: that is exactly what made Log4Shell exploitable.
  • Use a logging framework like SLF4J with Logback or Log4j2 (with security patches applied).
  • Ensure logs are protected from unauthorized access.
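A handler that keeps the detail server-side and gives the client only a generic message plus a correlation id, with a redaction pass for the secrets that most often leak into logs, as an added example (not code from the original article). It assumes SLF4J (org.slf4j:slf4j-api with a binding such as Logback) on the classpath and Java 16+ for the record; the response shape and the redaction patterns are illustrative.

```java
// Added example: generic client error + full server-side log keyed by a
// correlation id, with credential redaction. Assumes SLF4J on the classpath.
import java.util.UUID;
import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public final class SafeErrors {
    private static final Logger LOG = LoggerFactory.getLogger(SafeErrors.class);

    // Constructed patterns for two common leak shapes: bearer tokens in a header
    // and password fields in JSON or key=value bodies.
    private static final Pattern BEARER =
            Pattern.compile("(?i)(authorization:\\s*bearer\\s+)\\S+");
    private static final Pattern PASSWORD =
            Pattern.compile("(?i)(\"?password\"?\\s*[:=]\\s*\"?)[^\",\\s]+");

    /** Masks credential values before a string reaches the logger. */
    static String redact(String s) {
        String r = BEARER.matcher(s).replaceAll("$1[REDACTED]");
        return PASSWORD.matcher(r).replaceAll("$1[REDACTED]");
    }

    /** What the client receives: no class names, no stack trace, no SQL, no host names. */
    record ErrorResponse(int status, String message, String correlationId) {}

    static ErrorResponse handle(Exception e, String requestSummary) {
        String id = UUID.randomUUID().toString();
        // The exception (with stack trace) and the redacted request stay server-side,
        // findable by the id the user can quote to support.
        LOG.error("request failed id={} request={}", id, redact(requestSummary), e);
        return new ErrorResponse(500, "An internal error occurred.", id);
    }

    public static void main(String[] args) {
        // Constructed request summary containing both kinds of secret.
        String req = "POST /login body={\"user\":\"alice\",\"password\":\"hunter2\"} "
                + "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.constructed.sample";
        System.out.println(redact(req));
        ErrorResponse r = handle(new IllegalStateException("db1.internal:5432 unreachable"), req);
        System.out.println(r);   // message and id only; the host name never leaves the server
    }
}
```

Regex redaction is a safety net, not the primary control: the primary control is not putting credentials into the strings you log in the first place.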

8. Enforce Least Privilege and Secure Configuration

  • Run your Java application as a dedicated, unprivileged OS user (never root) with the minimum filesystem and network access it needs.
  • Disable unwanted JVM features in production, e.g. the JDWP remote-debugging agent and unauthenticated JMX remote ports: anyone who can reach them gets code execution or control of the JVM.
  • The SecurityManager is deprecated for removal since Java 17 (JEP 411) and permanently disabled in Java 24 (JEP 486). It still matters on legacy JVMs, but do not design new sandboxing around it; use OS-level controls (containers, seccomp, file permissions) instead.
  • Harden java.security settings when needed (disabled TLS protocols and algorithms, a jdk.serialFilter deserialization allow-list).
  • Expose only the framework endpoints you need (e.g., in Spring Boot restrict management.endpoints.web.exposure.include to health and put Actuator behind authentication).

Final Thoughts

Secure coding in Java doesn’t require being a cryptography expert—it’s about adopting defensive habits and using the right tools. Start by:

  • Validating all inputs
  • Using parameterized queries
  • Managing secrets safely
  • Keeping dependencies updated
  • Leveraging security frameworks

Most vulnerabilities stem from known patterns. By following these practices and reviewing code with security in mind, you can drastically reduce risk.

Basically, if it comes from outside—verify it, sanitize it, and never execute it blindly.
