SolidCV

Web Application Security with PHP and Symfony

This course teaches you how to secure your PHP and Symfony web applications against common vulnerabilities such as XSS, CSRF and SQL injection attacks. You will learn best practices for authentication, authorization and session management, as well as tools and techniques for testing and monitoring the security of your applications.

Format: Progressive
Level: Intermediate
Language: en

Roadmap

  • 1. Introduction to Web Security with PHP & Symfony
    This chapter introduces core web security concepts, threat modeling, and how Symfony's architecture helps secure applications. It lays the foundation for secure coding practices and the development environment and tools you will use throughout the course.
  • 1. Foundations of Web Security for PHP and Symfony
    This chapter introduces core web security concepts and the threat landscape relevant to PHP and Symfony applications. It covers threat modeling, the OWASP Top Ten, framework-specific considerations, and practical tools and workflows for secure development.
  • 2. Input Validation, Output Encoding, and Preventing XSS
    This chapter focuses on safe handling of user input and output to prevent Cross-Site Scripting and injection issues. You will learn validation strategies, encoding contexts, and how to use Symfony and Twig features to protect content.
  • 2. Input Validation, Output Encoding and Preventing XSS
    This chapter focuses on input validation strategies, output encoding, and practical techniques to prevent Stored, Reflected, and DOM XSS in PHP and Symfony applications.
  • 3. CSRF, Sessions, and Secure State Management
    This chapter examines Cross-Site Request Forgery (CSRF), session handling, cookie security, and state management in Symfony. You will learn to implement CSRF protection, secure cookie attributes, and strategies to prevent session fixation.
  • 3. Preventing CSRF, CORS and Secure API Design
    Covers CSRF mechanisms, cross-origin concerns, and strategies to design secure APIs with proper authentication and CORS policies for Symfony-based backends.