Chapter 2. Forms and URLs

Previous page
Table of content
Next page

This chapter discusses form processing and the most common types of attacks that you need to be aware of when dealing with data from forms and URLs. You will learn about attacks such as cross-site scripting (XSS) and cross-site request forgeries (CSRF), as well as how to spoof forms and raw HTTP requests manually.

By the end of the chapter, you will not only see examples of these attacks, but also what practices you can employ to help prevent them.

Vulnerabilites such as cross-site scripting exist when you misuse tainted data. While the predominant source of input for most applications is the user, any remote entity can supply malicious data to your application. Thus, many of the practices described in this chapter are directly applicable to handling input from any remote entity, not just the user. See Chapter 1 for more information about input filtering.




Previous page
Table of content
Next page
Essential PHP Security
Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110
Authors: Chris Shiflett
BUY ON AMAZON
Software Configuration Management
Cisco CallManager Fundamentals (2nd Edition)
Comparing, Designing, and Deploying VPNs
The Oracle Hackers Handbook: Hacking and Defending Oracle
GDI+ Programming with C#
Digital Character Animation 3 (No. 3)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy