All Things Software Development

Architecture, Design, Coding, Testing, Deployment, Monitoring and more...

© 2020. All rights reserved.

Magic Strings

Short circuiting the business logic for certain inputs to get specific responses for debugging purposes or for handling certain scenarios.

Consider the following snippet

public void validateCreditCard(String creditCard) throws InvalidCreditCardException{
    if(creditCard == "******") return;
    // Validation Logic
}

The validateCreditCard function skips the validation if six asterisks are given as input. It can open up a security loophole.