Denylisting vs. Allowlisting
In this lesson, we'll study denylisting and allowlisting.
Denylisting
When implementing systems that require discarding elements based on an input (e.g., rejecting requests based on an IP address or a comment based on certain words), you might be tempted to use a denylist to filter elements out.
The problem with denylisting
The inherent problem with denylisting is the approach we’re taking. It allows us to specify which elements we think are unsafe, making the assumption that we know everything that could hurt us. From a security perspective, that’s the equivalent of us wearing summer clothes because we’re well into June, without looking out the ...
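As an added illustration (not code from the lesson), the sketch below applies a denylist and an allowlist to the same client addresses, using the lesson's example of rejecting requests by IP address. The addresses, networks and function names are constructed for this example; the point is that the denylist permits everything it has never heard of, while the allowlist rejects by default.

```python
import ipaddress

# Constructed sample values from the documentation address ranges (assumptions).
DENIED_ADDRESSES = {"203.0.113.7"}  # denylist: what we think is unsafe
ALLOWED_NETWORKS = [ipaddress.ip_network("198.51.100.0/24")]  # allowlist: known good


def denylist_permits(client: str) -> bool:
    """Denylist: permit anything that is not explicitly listed."""
    return client not in DENIED_ADDRESSES


def allowlist_permits(client: str) -> bool:
    """Allowlist: permit only a parsed address inside a known network."""
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return False  # unparseable input is rejected, not waved through
    # Normalise IPv4-mapped IPv6 (::ffff:a.b.c.d) to the IPv4 address it carries,
    # so one host cannot appear under two different spellings.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in ALLOWED_NETWORKS)


def compare(clients):
    """Return (client, denylist decision, allowlist decision) for each input."""
    return [(c, denylist_permits(c), allowlist_permits(c)) for c in clients]


if __name__ == "__main__":
    samples = [
        "198.51.100.23",       # known good client
        "203.0.113.7",         # the one address the denylist knows about
        "::ffff:203.0.113.7",  # same host in another notation
        "192.0.2.44",          # address nobody anticipated
        "not-an-ip",           # malformed input
    ]
    for client, deny_ok, allow_ok in compare(samples):
        print(f"{client:22} denylist={'permit' if deny_ok else 'reject'} "
              f"allowlist={'permit' if allow_ok else 'reject'}")
```

Only the first two samples get the same decision from both filters; the remaining three are permitted by the denylist and rejected by the allowlist.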