Summary

XML usage is becoming popular in both client and server applications. XML data sent to an application should be treated like any other input code path. Most attacks that are possible with traditional input data are also possible with XML input (HTML scripting attacks, spoofing, buffer overflows, etc.). Testing for these types of issues can require that you encode certain characters so that the test case is seen by the parser as well-formed and valid XML. As discussed, you should also test for XML-specific attacks. When testing SOAP requests, it is important to create custom requests to perform malicious client testing against the server.
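The encoding point above, as an added example that is not from the book: it shows that an unencoded test value is either rejected by the parser or silently changes the document structure, while the entity-encoded or CDATA form reaches the application intact and still needs output encoding there. The `order`/`note` element names and the test strings are constructed for illustration.

```python
import html
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Constructed test values containing characters that are special in XML.
TEST_VALUES = ["Tom & Jerry <b>bold</b>", "x<b>bold</b>", "a]]>b"]

def wrap_raw(value):
    """Naive concatenation: the value is placed in the document unencoded."""
    return "<order><note>" + value + "</note></order>"

def wrap_encoded(value):
    """Entity-encode &, < and > so the value is plain character data."""
    return "<order><note>" + escape(value) + "</note></order>"

def wrap_cdata(value):
    """CDATA alternative; "]]>" would end the section, so it is split."""
    safe = value.replace("]]>", "]]]]><![CDATA[>")
    return "<order><note><![CDATA[" + safe + "]]></note></order>"

def parsed_note(document):
    """Text the application receives for <note>, or None if the parser rejects it."""
    try:
        return ET.fromstring(document).findtext("note")
    except ET.ParseError:
        return None

def check(value):
    """Compare what reaches the code under test for each way of embedding value."""
    return {
        "raw": parsed_note(wrap_raw(value)),          # rejected or altered
        "encoded": parsed_note(wrap_encoded(value)),  # arrives intact
        "cdata": parsed_note(wrap_cdata(value)),      # arrives intact
        # The parser decodes entities, so the application still has to
        # encode the value before writing it into HTML.
        "html_output": html.escape(value),
    }

if __name__ == "__main__":
    for v in TEST_VALUES:
        print(repr(v), check(v))
```

A `raw` result of `None` means the test case never got past the parser; a `raw` result that differs from the input means the markup in the value was absorbed into the document structure instead of being delivered as data.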



Hunting Security Bugs
ISBN: 073562187X
EAN: 2147483647
Year: 2004
Pages: 156
