Translate section 24: Security

pull/360/head
Roy Ginting 2020-02-10 18:05:44 +07:00
parent 69bce3813b
commit 31d8efeadb
1 changed files with 12 additions and 10 deletions

@ -1714,20 +1714,22 @@ Karena nirkeadaan, REST sangat bagus untuk penyekalaan horizontal dan pemecahan.
## Security ## Security
This section could use some updates. Consider [contributing](#contributing)! Bagian ini memerlukan pembaruan.
Pertimbangkan untuk [berkontribusi](#kontribusi)!
Security is a broad topic. Unless you have considerable experience, a security background, or are applying for a position that requires knowledge of security, you probably won't need to know more than the basics: Keamanan merupakan topik yang luas.
Kecuali Anda memiliki pengalaman yang cukup, latar belakang keamanan, atau melamar posisi yang membutuhkan pengetahuan keamanan, Anda mungkin tidak perlu mengetahui lebih dari pengetahuan dasar:
* Encrypt in transit and at rest. * Enkripsi saat transit dan saat istirahat.
* Sanitize all user inputs or any input parameters exposed to user to prevent [XSS](https://en.wikipedia.org/wiki/Cross-site_scripting) and [SQL injection](https://en.wikipedia.org/wiki/SQL_injection). * Bersihkan seluruh masukan pengguna atau parameter masukan yang terekspos ke pengguna untuk mencegah [XSS](https://en.wikipedia.org/wiki/Cross-site_scripting) dan [Injeksi SQL](https://en.wikipedia.org/wiki/SQL_injection).
* Use parameterized queries to prevent SQL injection. * Gunakan kueri terparameter untuk mencegah injeksi SQL.
* Use the principle of [least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege). * Gunakan prinsip [least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege).
### Source(s) and further reading ### Sumber dan bacaan lanjutan
* [API security checklist](https://github.com/shieldfy/API-Security-Checklist) * [Daftar periksa keamanan API](https://github.com/shieldfy/API-Security-Checklist)
* [Security guide for developers](https://github.com/FallibleInc/security-guide-for-developers) * [Panduan keamanan untuk pengembang](https://github.com/FallibleInc/security-guide-for-developers)
* [OWASP top ten](https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet) * [sepuluh teratas OWASP](https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet)
## Appendix ## Appendix
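Review bot: In the first bullet, "saat istirahat" translates "at rest" in the sense of taking a break, which loses the meaning of data at rest (stored data). A wording such as "Enkripsi saat transit dan saat disimpan" keeps the technical sense. In the intro paragraph the link target changes from `#contributing` to `#kontribusi`; please confirm the translated file has a heading that produces that anchor, since it is not visible in this hunk and the link breaks otherwise. Minor style point: the XSS bullet writes "[Injeksi SQL]" with a capital while the next bullet writes "injeksi SQL"; pick one casing for both.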