Testing Techniques to Find the Sin

The best way to find these defects is through a code review, but you can put some tests in place just in case the code review never happens, or you miss something. For example, you could use tools such as TamperIE (www.bayden.com/Other), Web Developer (www.chrispederick.com/work/firefox/webdeveloper), or Paessler Site Inspector (www.paessler.com) to show you the forms in the browser. These tools allow you to modify the form fields and submit them to the originating web site. Figure 9-1 shows Paessler Site Inspector in action.


Figure 9-1: Paessler Site Inspector showing the forms in a web page
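The form listing these tools display can also be produced offline during a review. The following is an added example, not code from the book: it parses a page and returns every form together with its hidden fields, which are the values a reviewer should check the server does not trust. The sample HTML and the names `FormInventory`, `inventory_forms` and `hidden_fields` are constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed sample page (not from the book): a form carrying a price in a hidden field.
SAMPLE_HTML = """
<form action="/order" method="POST">
  <input type="text" name="qty" value="1">
  <input type="hidden" name="price" value="19.99">
  <input type="hidden" name="item_id" value="42">
</form>
<form action="/search">
  <input name="q">
</form>
"""

class FormInventory(HTMLParser):
    """Collect each <form> with its action, method and input fields."""
    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None  # form currently open, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {"action": a.get("action") or "",
                             "method": (a.get("method") or "get").upper(),
                             "fields": []}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            self._current["fields"].append({
                "name": a.get("name") or "",
                "type": (a.get("type") or "text").lower(),  # HTML default is text
                "value": a.get("value") or ""})

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def inventory_forms(html):
    parser = FormInventory()
    parser.feed(html)
    return parser.forms

def hidden_fields(html):
    """Return (action, name, value) for every hidden input: the fields to review."""
    return [(form["action"], field["name"], field["value"])
            for form in inventory_forms(html)
            for field in form["fields"] if field["type"] == "hidden"]
```

Calling `hidden_fields(SAMPLE_HTML)` on the constructed page reports the `price` and `item_id` fields of the `/order` form.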


19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
Writing Secure Code
ISBN: 71626751
EAN: 2147483647
Year: 2003
Pages: 239
